Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
squarecapadmin
squarecapadmin / lxml python
Repository URL to install this package:
|
Version:
3.4.0 ▾
|
Description: to break up expression (Thanks to Roman Ivanov for this one)
http://ha.ckers.org/xss.html#XSS_STYLE_comment
Options: -safe_attrs_only
Notes: Because of the suspicious stuff in there, the style is removed entirely
<IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
----------
<img>