masscan-web-ui

XSS in IP input

Open 0xspade opened this issue 4 years ago • 2 comments

Steps to Reproduce

  • In IP Address input, place this payload: '"><svg/onmouseover=alert(1)>
  • Click Go
  • Click Minus Sign in Upper Right to minimize the div
  • Hover the mouse over the upper left.
  • Payload will be triggered.

0xspade, Oct 20 '19 05:10

Every input is vulnerable to XSS.

0xspade, Oct 20 '19 06:10

Every input is vulnerable to XSS.

I don't know what kind of hacker you are, but this can be a good or bad thing in so many ways. But since this is not something you are hosting for the public, I think you will be good. If you really care about this, then just fix the code and make a pull request.

c0d3x27, Jul 13 '22 17:07
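The fix pattern for the report above, as an added example that is not part of the thread and not the project's own code: validate the IP field against an allow-list grammar, and HTML-encode every value that is echoed back into the page. The `<input name="ip" value="...">` markup and all function names are assumptions made for illustration; the thread does not show where the value is reflected.

```python
import html
import ipaddress

# Payload quoted in the issue's reproduction steps.
PAYLOAD = "'\"><svg/onmouseover=alert(1)>"


def parse_ip_filter(value):
    """Return a canonical IP or CIDR string, or None if the input is not one."""
    value = value.strip()
    try:
        if "/" in value:
            return str(ipaddress.ip_network(value, strict=False))
        return str(ipaddress.ip_address(value))
    except ValueError:
        return None


def render_unsafe(value):
    # Vulnerable pattern (assumed markup): raw interpolation into an attribute.
    # The payload's leading '"> closes the attribute and the tag.
    return '<input name="ip" value="%s">' % value


def render_safe(value):
    # Output encoding: quote=True also escapes " and ', so the value can
    # neither close the attribute nor open a new element.
    return '<input name="ip" value="%s">' % html.escape(value, quote=True)


def handle_search(raw):
    """Validate first, then encode whatever is echoed back."""
    ip = parse_ip_filter(raw)
    if ip is None:
        # Reject, and do not reflect the rejected input at all.
        return 400, render_safe("")
    return 200, render_safe(ip)


if __name__ == "__main__":
    print(render_unsafe(PAYLOAD))   # markup is broken out of
    print(render_safe(PAYLOAD))     # payload is inert text
    print(handle_search(PAYLOAD))
    print(handle_search("10.0.0.0/8"))
```

Validation only covers fields with a strict grammar such as the IP address; since the report says every input is affected, the encoding step in `render_safe` is the part that has to be applied at every place user-supplied text is written into HTML.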