David Sopas – Web Security Researcher

August 4, 2015 at 1:36 pm

Tiny XSS vector

I needed a small XSS vector that could fit in a 10 char limit variable in a limit 10 char on a private client to show him that limiting chars on a variable is not secure…

central.push({ 'var1': 'INJECT_HERE' });

So after some attempts I was unable to find one so I called for help 🙂

@soaj1664ashar 10 char fun: ‘-open()-‘

Making a valid Javascript:

central.push({ 'var1': ''-open()-'' });

This XSS vector only opens a new tab/window but in my clients case it was stored in a cookie so it was a pain in the ass to close a window each time he navigated in his web application.

Nice catch!

Tips and Tricks # ,
Share: / / /

Leave a Reply