Exploiting XSS in hidden inputs and meta tags

portswigger.net

Exploiting XSS in hidden inputs and meta tags

portswigger.net

N7x@infosec.pub to

appsec@infosec.pubEnglish · 3 years ago

In this post we are going to show how you can (ab)use the new HTML popup functionality in Chrome to exploit XSS in meta tags and hidden inputs. It all started when I noticed the new popover behaviour

Chat