Auto Added by WPeMatico
I stumbled upon a web app which is accepting user input and putting it into a variable within script tag.
The script tag does have a nonce attribute.
As am working on bypassing the XSS filter, I had this thought that this practice of reflecting user input within an inline script with nonce attribute renders nonce useless.
Is my understand correct or am I missing something here ?
Go to Source
Author: Rahul
I’ve been looking into my college’s internal alumni network. In that we can send connections to users and when you send a connection request, you’re taken to a url which is: https://www.website.com/yourwall/sent-invite/username/?Sendcon=true
And a message
Your invitation to Name was sent.
is displayed where ‘Name’ is the name of the user associated with ‘username’
Even though we get a success message, the connection request is not sent. And if we supply an invalid ‘username’ parameter into the url we still get a success message but as:
Your invitation to {:user} was sent.
Could this be a vulnerability? How can it be exploited and mitigated?
Go to Source
Author: Ananda Sai A