Created
October 9, 2022 04:26
-
-
Save fadyosman/4d06493c65a3460a32c8048def05064e to your computer and use it in GitHub Desktop.
JS outdated library example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <head> | |
| <title>Jquery XSS Example</title> | |
| <script src="https://code.jquery.com/jquery-3.6.1.min.js" | |
| integrity="sha256-o88AwQnZB+VDvE9tvIXrMQaPlFFSUTR+nldQm1LuPXQ=" crossorigin="anonymous"></script> | |
| <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.min.js" | |
| integrity="sha256-VazP97ZCwtekAsvgPBSUwPFKdrwD3unUfSGVYrahUqU=" crossorigin="anonymous"></script> | |
| <script> | |
| function init() { | |
| $("#datepicker").datepicker({ altField: "dangerous if your input reaches here" }); | |
| }; | |
| </script> | |
| </head> | |
| <body> | |
| <button onclick="init();">Click Me</button> | |
| <div id="datepicker"></div> | |
| </body> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <head> | |
| <title>Jquery XSS Example</title> | |
| <script src="https://code.jquery.com/jquery-3.6.1.min.js" | |
| integrity="sha256-o88AwQnZB+VDvE9tvIXrMQaPlFFSUTR+nldQm1LuPXQ=" crossorigin="anonymous"></script> | |
| <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.min.js" | |
| integrity="sha256-VazP97ZCwtekAsvgPBSUwPFKdrwD3unUfSGVYrahUqU=" crossorigin="anonymous"></script> | |
| <script> | |
| // Shorthand for $( document ).ready() | |
| $(function () { | |
| $("#datepicker").datepicker({ altField: "dangerous if your input reaches here" }); | |
| }); | |
| </script> | |
| </head> | |
| <body> | |
| <label for="datepicker">Date:</label> | |
| <input type="text" id="datepicker"></div> | |
| </body> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment