Saturday 18 May 2013

PentesterLab - Web For Pentester - XSS Example 8


Here, the value echoed back in the page is correctly encoded. However, there is still
an XSS in this page. To build the form, the developer used and trusted PHP_SELF,
which is the path provided by the user.


Trusting the path provided by users is a common mistake and it can often be used
to trigger XSS along with other issues. It's pretty common in pages with forms and in
error pages (404 and 500 pages).


Payload
http://192.168.56.101/xss/example8.php/%22%3E%3Cscript%3Ealert%28String.fromCharCode%2866,%20111,%2098,%2098,%20121,%2032,%2068,%2097,%20122,%20122,%20108,%20101,%20114%29%29%3C/script%3E
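
The PHP_SELF issue described above and two ways to fix it, as an added example (not the lab's own source code). The function names, the `$server` array standing in for `$_SERVER`, and the harmless `<i>marker</i>` value are assumptions made for illustration.

```php
<?php
// Constructed stand-ins for $_SERVER values so the script runs from the CLI.
// PHP_SELF includes any extra path the client appends after the script name.
$server = [
    'PHP_SELF'    => '/xss/example8.php/"><i>marker</i>', // constructed, harmless marker
    'SCRIPT_NAME' => '/xss/example8.php',
];

// Before: the path is written into the action attribute unencoded.
function form_vulnerable(array $server): string
{
    return '<form action="' . $server['PHP_SELF'] . '" method="POST">';
}

// After (option 1): encode for an HTML attribute context, quotes included.
function form_encoded(array $server): string
{
    $action = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $action . '" method="POST">';
}

// After (option 2): SCRIPT_NAME normally carries no trailing path info;
// it is still encoded before being placed in the attribute.
function form_script_name(array $server): string
{
    $action = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $action . '" method="POST">';
}

// Check: does the client-supplied marker survive as live markup?
function breaks_out(string $html): bool
{
    return strpos($html, '<i>marker</i>') !== false;
}

foreach (['form_vulnerable', 'form_encoded', 'form_script_name'] as $fn) {
    $html = $fn($server);
    printf("%-18s breaks_out=%s\n    %s\n", $fn, breaks_out($html) ? 'yes' : 'no', $html);
}
```

Only the first variant reports `breaks_out=yes`: the encoded variant keeps the appended path as inert text inside the attribute, and the SCRIPT_NAME variant never includes it.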

