can anyone suggest me the payload for cross site scripting which can bypass the filter which is bloking ">" and event handlers | SoloLearn: Learn to code for FREE!

+2

can anyone suggest me the payload for cross site scripting which can bypass the filter which is bloking ">" and event handlers

this is the code function escape(input) { // apply strict filter rules of level 0 // filter ">" and event handlers input = input.replace(/>|on.+?=|focus/gi, '_'); return '<input value="' + input + '" type="text">'; }

xss

5/19/2020 5:19:34 AM

Eshan Soni

1 Answer

New Answer

-1

give it as a comment