1. 技术文章
  2. OWASP ZAP reported “alert(1);” XSS vulnerability, but no popup showed up

OWASP ZAP reported “alert(1);” XSS vulnerability, but no popup showed up

人盡茶涼 提交于 2020-01-01 07:24:09

问题


OWASP ZAP reported “alert(1);” XSS vulnerability, but we could not get pop up in browser. Is this just a false positive?

The HTML surrounding the injected attack is:

<script type="text/javascript">
  DataSet.FilterBuilder.QueryValuesDictionary['57_ctl00'] = ;alert(1);;
</script>

来源:https://stackoverflow.com/questions/29223275/owasp-zap-reported-alert1-xss-vulnerability-but-no-popup-showed-up

标签
javascript
xss
owasp
zap
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!