I have received a report from a client that lists XSS vulnerabilities. The report shows reflected XSS vulnerabilities. In each vulnerability, the payload reflected is a single, unclosed <qss>
Normally, when I read about xss vulnerabilities I see a lot of payloads that will try to close an apostraphe or an input tag, and then inject a <script> tag or some arbitrary javascript.
What is the significance of the <qss> tag and how can it be used in an xss attack? The only thing I've uncovered with google is that it is a qt style sheet, but I still don't understand its role in XSS
Aucun commentaire:
Enregistrer un commentaire