
I am currently testing a web application that is sanitizing user input by HTML entity encoding special characters.

E.g. <script>alert(1)</script> becomes &lt;script&gt;alert(1)&lt;/script&gt;

Also, the & symbol gets encoded to &amp;.

Now I need to figure out how I can bypass these filters in order to trigger XSS here.

  • @SteffenUllrich unfortunately that does not solve the issue. – Pascal3366 Aug 03 '23 at 04:27
  • 1
    Not sure if you probably understood the answer there. It basically says, that it is impossible to exploit unless you find different ways to encode these characters. So it does actually answer your question, even if you probably don't like the outcome. – Steffen Ullrich Aug 03 '23 at 04:31
  • OK, let me rephrase it: solely based on the information you have provided, no bypass can be derived. There might be ways to encode these characters in a different way in your specific case, but it is impossible to say what these might be just based on your information. You need to figure this out yourself by trying. An XSS cheat sheet might help with showing you what could be tried. – Steffen Ullrich Aug 03 '23 at 04:46
  • I pretty much tried all of these payloads already without success, unfortunately. – Pascal3366 Aug 03 '23 at 04:59
  • 1
    I'm not sure what kind of help you expect here. The only information you provide is that these characters are escaped. It impossible for anybody to say what is possible instead while having absolutely no knowledge what the target does (except for the specific escaping) and no way to try. – Steffen Ullrich Aug 03 '23 at 05:04

0 Answers