#XSS Vector without ( ) : ;
http://jsfiddle.net/zvAXb/ > Works in #IE // @soaj1664ashar @peterjaric @secalert @insertScript
@rafaybaloch @peterjaric @soaj1664ashar @secalert @insertScript But isnt VBS pretty useless for XSS attacks? Could you manipulate the DOM?
-
-
@avlidienbrunn We have js alternative as well as you mentioned above, this was a part of the little challenge by@soaj1664asharThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@avlidienbrunn Not useless as such because we can do something like: "><body language=vbs onload=window.location='https://www.google.com '>Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.