Closed cmbuckley closed 3 years ago
It is possible to construct a key that may result in an XSS vulnerability if user data is used to construct JSON:
<!--#include file="JSON.asp"-->
<%
Dim json
Set json = jsObject()
json("key"":""value"",""secondkey") = """"
response.Write(json.jsString)
%>
This will result in output that breaks out of the first key:
{"key":"value","secondkey":"\""}
The patch runs the (quoted) key through jsEncode, which results in the following:
{"key\":\"value\",\"secondkey":"\""}
thanks 👍
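The before and after behaviour reported above, modelled in JavaScript as an added example (not the project's VBScript code and not part of the original pull request). The function names are hypothetical, and `escapeJsonString` stands in for what the report calls jsEncode; the round-trip check is the kind of regression test that catches unescaped keys.

```javascript
// Added illustration: a JavaScript model of the behaviour described in this
// pull request. escapeJsonString, serializeUnsafe, serializeSafe and
// keysRoundTrip are hypothetical names, not functions from JSON.asp.

// Escape a string for use inside a JSON string literal (quotes, backslashes,
// control characters).
function escapeJsonString(s) {
  return s.replace(/[\u0000-\u001f"\\]/g, (c) => {
    const short = { '"': '\\"', '\\': '\\\\', '\n': '\\n', '\r': '\\r', '\t': '\\t' };
    return short[c] || '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0');
  });
}

// Before the patch: values are escaped, keys are only wrapped in quotes.
function serializeUnsafe(pairs) {
  return '{' + pairs.map(([k, v]) => `"${k}":"${escapeJsonString(v)}"`).join(',') + '}';
}

// After the patch: keys go through the same escaping as values.
function serializeSafe(pairs) {
  return '{' + pairs
    .map(([k, v]) => `"${escapeJsonString(k)}":"${escapeJsonString(v)}"`)
    .join(',') + '}';
}

// Regression check: parsing the output must give back exactly the keys that
// went in. A key that breaks out of its quotes changes the parsed key set.
function keysRoundTrip(serialize, pairs) {
  const parsed = JSON.parse(serialize(pairs));
  const expected = pairs.map(([k]) => k);
  return JSON.stringify(Object.keys(parsed)) === JSON.stringify(expected);
}

// The key and value from the report above.
const reported = [['key":"value","secondkey', '"']];

console.log(serializeUnsafe(reported));
console.log(serializeSafe(reported));
console.log(keysRoundTrip(serializeUnsafe, reported)); // one key in, two keys out
console.log(keysRoundTrip(serializeSafe, reported));   // key survives intact
```

Running the same round-trip check against any serializer that accepts user-controlled keys shows whether keys are escaped as strictly as values.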