Skip to content

Commit

Permalink
Update XSS_Filter_Evasion_Cheat_Sheet.md (#1477)
Browse files Browse the repository at this point in the history 
Should be a dot instead of a comma
  • Loading branch information
@nbtetreault-eq
nbtetreault-eq committed Aug 29, 2024
1 parent 907dc2a commit 47023d8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ This XSS method uses the relaxed rendering engine to create an XSS vector within
If the system does not allow quotes of any kind, you can `eval()` a `fromCharCode` in JavaScript to create any XSS vector you need:

```html
<a href="javascript:alert(String,fromCharCode(88,83,83))">Click Me!</a>
<a href="javascript:alert(String.fromCharCode(88,83,83))">Click Me!</a>
```

### Default SRC Tag to Get Past Filters that Check SRC Domain
Expand Down

0 comments on commit 47023d8

Please sign in to comment.