#hackerone <img src=x onerror=alert(1)> {{1*3}} ${1*3} test
-
-
-
what is the benefit of ${1*3} in this <img src=x onerror=alert(1)> {{1*3}} ${1*3} test ?
-
testing ssti
-
and also clientside template injection :)http://blog.portswigger.net/2016/01/xss-without-html-client-side-template.html …
-
yes I totally forgot
-
-
nice one :)
-
cool , keep going .
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.