RIP_Leroi Posted November 20, 2013 Share Posted November 20, 2013 I am performing a security assessment on a website and have discovered a potential XSS vulnerability. I am able to exploit it if I use Burp Suite by supplying my script in place of a parameter in the query string. However, I if I try injecting the code into a URL and clicking on it, the server strips out my JavaScript. I have attempted to use numerous differnet types of encoding with no success. Is there anyway to bypass server side validation? The specific JavaScript unpacker being used is jsunpack. Thanks for any advice in advance. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.