When I was start to BB, I did the what kxss do, manually. One day saw a case that, <>'" characters are encoding, but the tags didn't. So I could inject <svg onload=alert(1) easily. I really don't know why but I think adding a basic tag (like \<h1>) will cover this case also.
When I was start to BB, I did the what kxss do, manually. One day saw a case that, <>'" characters are encoding, but the tags didn't. So I could inject <svg onload=alert(1) easily. I really don't know why but I think adding a basic tag (like \<h1>) will cover this case also.
Have a nice day!