Closed wilson9x1 closed 6 years ago
Can't implement because of one simple reason. If you take a look into payloads being sent, you'll see that they look "inconspicuous". This project has been used as part of one larger (prototype) project where the original idea has been to send as less non-offensive looking payloads.
can you support find xss in href?
egg:
http://127.0.0.1/2.php?xss=javascript:alert(1) when click it will has xss vuls。
but DSXS can't find this。