XSS attempt

Submitted by nitori on July 19, 2023 at 6:23 AM in test

![" onload="console.log('Im in your mainframe :3')"](/apple-touch-icon-precomposed.png)

turns into

4 comments

nitori OP wrote on July 19, 2023 at 6:23 AM (edited on July 19, 2023 at 6:23 AM)

ebic fail
again, good HTML sanitizing

nitori OP wrote on July 21, 2023 at 10:04 AM

Hmm let's try adding a span into a link

[<span onload="console.log('Im in your mainframe :3')"></span>](/)

turns into

<span onload="console.log('Im in your mainframe :3')"></span>

nitori OP wrote on July 21, 2023 at 10:29 AM

bold?

[<b onclick="console.log('Im in your mainframe :3')">I should not appear as bold</span>](/)

turns into

<b onclick="console.log('Im in your mainframe :3')">I should not appear as bold</span>

nitori OP wrote on July 21, 2023 at 10:30 AM

cool, no arbitrary element addition
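
The behaviour the thread observes (the alt-text quote breakout and the raw tags inside link text both come out as inert text) is what a renderer produces when it escapes every user-controlled piece at output time. The following is an added example, not part of the thread and not this site's code; `render_inline`, `safe_url` and the image/link-only Markdown subset are assumptions made for illustration, and the URL scheme check goes slightly beyond what the thread tests.

```python
import html
import re

# Inline Markdown subset (assumption): ![alt](src) images and [text](href) links.
INLINE = re.compile(r'(!?)\[([^\]]*)\]\(([^)\s]*)\)')
SAFE_PREFIXES = ("http://", "https://", "/")

# The three inputs posted in the thread, copied verbatim.
THREAD_INPUTS = [
    """![" onload="console.log('Im in your mainframe :3')"](/apple-touch-icon-precomposed.png)""",
    """[<span onload="console.log('Im in your mainframe :3')"></span>](/)""",
    """[<b onclick="console.log('Im in your mainframe :3')">I should not appear as bold</span>](/)""",
]

def safe_url(url):
    """Allow site-relative and http(s) URLs; anything else becomes '#'."""
    return url if url.startswith(SAFE_PREFIXES) else "#"

def render_inline(markdown):
    """Render images and links, escaping all user-controlled text on output."""
    out, pos = [], 0
    for m in INLINE.finditer(markdown):
        # Text between constructs is plain text: escape it, never pass it through.
        out.append(html.escape(markdown[pos:m.start()]))
        bang, label, url = m.groups()
        url = html.escape(safe_url(url), quote=True)
        if bang:
            # Attribute context: quotes must be escaped or alt="..." can be closed early.
            out.append('<img src="%s" alt="%s">' % (url, html.escape(label, quote=True)))
        else:
            # Element context: '<' and '>' are escaped, so no new elements appear.
            out.append('<a href="%s">%s</a>' % (url, html.escape(label)))
        pos = m.end()
    out.append(html.escape(markdown[pos:]))
    return "".join(out)

if __name__ == "__main__":
    for source in THREAD_INPUTS:
        print(render_inline(source))
```
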