hahwul / XSpear

🔱 Powerful XSS Scanning and Parameter analysis tool&gem
MIT License

[V1.3] XSS Testing to `in javascript` #39

Closed hahwul closed 4 years ago

hahwul commented 4 years ago

Sample

```js
// [test param on request ]: '+alert(45);//
// [ response ]

var a = 'test'+alert(45);//';
```

Action

References

- https://github.com/hahwul/XSpear/issues/36#issuecomment-569432334
- https://github.com/hahwul/XSpear/issues/36#issuecomment-569432470
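
The following is an added example, not part of the original issue and not XSpear's code. It reproduces the Sample response above, shows a hardened rendering beside it, and classifies whether the reflected value stays inside a JavaScript string literal. `render_unsafe`, `render_safe` and `reflection_context` are hypothetical names, and the templates are assumptions about how such a response is produced.

```ruby
require 'json'

# Payload copied from the issue's Sample section.
PAYLOAD = "'+alert(45);//"

# Hypothetical vulnerable template: the value is pasted into a
# single-quoted JavaScript string with no encoding.
def render_unsafe(value)
  "var a = 'test#{value}';"
end

# Hypothetical hardened template: JSON-encode the whole string, then
# \u-escape characters that could end the surrounding <script> block.
def render_safe(value)
  literal = "test#{value}".to_json
  literal = literal.gsub(/[<>&\u2028\u2029]/) { |c| format('\u%04x', c.ord) }
  "var a = #{literal};"
end

# Classify where the first reflection of probe lands in script:
#   :not_reflected  probe does not appear verbatim
#   :string         every reflected character stays inside a string literal
#   :code           some reflected character is parsed as code
# Simplification: only '...' and "..." literals with backslash escapes are
# tracked; comments, template literals and regex literals are not.
def reflection_context(script, probe)
  at = script.index(probe)
  return :not_reflected unless at

  quote = nil      # delimiter of the open string literal, nil in code
  escaped = false  # previous character was a backslash inside a string
  script.each_char.with_index do |ch, i|
    break if i >= at + probe.length
    return :code if i >= at && quote.nil?

    if escaped
      escaped = false
    elsif quote && ch == '\\'
      escaped = true
    elsif quote
      quote = nil if ch == quote
    elsif ch == "'" || ch == '"'
      quote = ch
    end
  end
  quote ? :string : :code
end
```

With the hardened template the payload is still reflected verbatim, but inside a double-quoted literal where the single quote has no effect, so reflection alone is not the finding: the context is.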