FernandoZhuang · June 14, 2018 06:21
diff --git a/XssJs过滤引号弹框.html b/XssJs过滤引号弹框.html
 <!--Vulnerbility注入点:  输入的是2333"alert(1)
 <label><h4 id="twoH4">
  <script type="text/javascript">
  var two = document.getElementById('twoH4');
  var two_value = "2333alert(1)";
  two.innerHTML=two_value;
  </script>
 </h4></label>
 -->
 <!--Inject输入: </script> <script>alert(1)</script>-->
 <label><h4>
  <script type="text/javascript">
  var you = 'iloveyou';
  document.write('</script> <script>alert(1)</script>'+','+you);
  </script>
 </h4></label>
	<!--Vulnerbility注入点: 输入的是2333"alert(1)
	<label><h4 id="twoH4">
	<script type="text/javascript">
	var two = document.getElementById('twoH4');
	var two_value = "2333alert(1)";
	two.innerHTML=two_value;
	</script>
	</h4></label>
	-->
	<!--Inject输入: </script> <script>alert(1)</script>-->
	<label><h4>
	<script type="text/javascript">
	var you = 'iloveyou';
	document.write('</script> <script>alert(1)</script>'+','+you);
	</script>
	</h4></label>