Skip to content

Instantly share code, notes, and snippets.

@felmoltor

felmoltor/secret.php

Last active August 23, 2023 20:47
Show Gist options
  • Save felmoltor/53bfd0695561178f5fee815384370b58 to your computer and use it in GitHub Desktop.
Save felmoltor/53bfd0695561178f5fee815384370b58 to your computer and use it in GitHub Desktop.
Download ZIP
secret #1 vuln
Raw
secret.php
// GET /secret.php?msg=This%20is%20an%20error";alert("hello%20xss");var%20foo="var
// […]
<script defer nonce="ceT7vflNlU8YT58gnQnZH4xi">
function displayError(){
document.getElementById('error-div').innerText="Error 1005: This is an error";alert("Hello xss");var foo="var";
}
displayError();
</script>
// […]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment