The trigger method of XSS in the input tag of the Hidden attribute - Code World

The trigger method of XSS in the input tag of the Hidden attribute

Others 2022-04-23 07:41:12 views: 0

I saw an XSS vulnerability today. The insertion point is in a tag with the hiddenattribute . The inputgeneral situation is as follows:

<input type="hidden" name="returnurl" value="[USER INJECT]" />

The normal XSS should be:

http://victim/?value=” onclick=”alert(document.domain)

But here because this inputis not displayed on the page, the commonly used onclickmethod cannot be used (how to trigger onclick if you can't click on this tag...), but there is also a fun attribute in the browser called accesskeyso construct:

<input type="hidden" name="returnurl" value="" accesskey="X" onclick="alert(document.domain)" />

The PoC is:

http://victim/?returnurl=” accesskey=”X” onclick=”alert(document.domain)

Different browsers have different triggering methods. The following is the summary of w3school :
accesskey
So the above XSS triggering method is:
FF: shift+alt+X (successful test)
Chrome: alt+X (the latest version of Chrome has not tested successfully)
IE: alt+X (untested success)

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=325524324&siteId=291194637

The trigger method of XSS in the input tag of the Hidden attribute

Vue hidden trigger input file method

The pattern attribute of the <input> tag

Use js to control the value and attribute of the input tag

Method input × number hidden in the browser ie

After adding the disabled attribute to the input, how to trigger the click event?

Take the background foreground input tag value method

Get the value of selenium page <input> tag and the number of each attribute

text and button type readonly and disabled attribute html input tag

What are the values for the type attribute of the input tag? What do they mean?

Td tag set the hidden (hidden)

Linux file hidden attribute

chattr to set the hidden attribute

JQuery in input attribute assignment, the value prop () and attr () method?

Several events trigger input

1 and a second menu for the menu background color recovery method (to its parent tag: overflow: hidden)

The C# tab TabControl control hides the method of the specified tab, any implementation method that does not support the hidden attribute is explained in detail

JS achieve access to the day after learning attributes and attribute values to change the input tag attributes

Huawei's mobile phone input method hidden seven unknown functions, unconventional, practical and powerful!

Non-default method of operation after thinkphp hidden in index.php No input file specified

Be hidden or displayed when the browser tab will trigger

jquery trigger a click event tag

Some trigger method zabbix

jquery trigger () method syntax

href attribute javascrip tag

js attribute of the script tag

html a target attribute tag

The enctype attribute of the form tag

bean tag scope attribute

HTML <a> tag href attribute

Recommended

The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!

Ranking

Getting the basic concepts of ROS + catkin Profile

Spring Learning (2) --- Assembling Beans in the IoC Container

js to get the src attribute of the image regularly

STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud

Short video learning - 3, pandas simple use of pivot_table

Print directory of project configuration log, output log

Understand the difference between vi and vim in Linux in 3 minutes

1 + x certificate Web front-end development HTML5 special exercises

mangodb save and insert the difference

7-1 Family tree processing (50 points) (binary tree solution)

Daily

More

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)