JSONBee icon indicating copy to clipboard operation
JSONBee copied to clipboard

Published 20 hours ago verified publisher icon zigoo0

Metadata

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

Results 5 JSONBee issues
Sort by recently updated
recently updated
newest added

Added an additional Google endpoint

Added an additional www.google.com endpoint that allows for greater control over the resulting javascript

FelSec avatar FelSec

Removing old Intuit JSONP endpoint

1 comment

This endpoint is no longer vulnerable and should be removed.

ccloes avatar ccloes

both ajax.googleapis.com endpoints are dead

2 comment

``` ajax.googleapis.com/ajax/services/feed/find?v=1.0%26callback=alert%26context=1337 ajax.googleapis.com/ajax/services/feed/find?v=1.0%26callback=alert%26context=1337> ng-app"ng-csp ng-click=$event.view.alert(1337)>

aaronesau-summit avatar aaronesau-summit

Fix some typos, spaces.

I've found some typos while reading it, so I've fixed them and some inconsistencies. Thank you, and stay safe!

DaniyelMe avatar DaniyelMe

Added 3 Yahoo Json End Points

3 comment

Added 3 yahoo jsonp * https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337) * https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337) * https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y-

cyber-niz avatar cyber-niz

Metadata

468
Stars
84
Forks
Watchers

Owner

verified publisher icon zigoo0

Metadata

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

Back