Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Reflected XSS with some SVG markup allowed

montanio | Last updated: Jul 25, 2020 09:12AM UTC

<svg><discard onbegin=alert(1)> I don't know how to pop the window as a solid proof, could you kindly indicate? Appreciate any help. Regards montanio 25 Jul 2020

Liam, PortSwigger Agent | Last updated: Jul 27, 2020 07:57AM UTC

Could you provide some additional context? Where is the payload from?

montanio | Last updated: Jul 27, 2020 01:31PM UTC

Hi Liam, //on url link https://ac941f931fd443468010f16c00db00db.web-security-academy.net/?search=<svg><discard onbegin=alert(1)> //automatic encode https://ac941f931fd443468010f16c00db00db.web-security-academy.net/?search=%3Csvg%3E%3Cdiscard%20onbegin=alert(1)%3E //text above search box 0 search results for '' //pop up: Congratulations, you solved the lab! //original payload from solution https://your-lab-id.web-security-academy.net/?search=%22%3E%3Csvg%3E%3Cdiscard%20onbegin=alert(1)%3E Which is "><svg><discard onbegin=alert(1)> after decoding, The things is I do not know how to trigger alert(1) // discard onbegin

Liam, PortSwigger Agent | Last updated: Jul 28, 2020 06:06AM UTC

To clarify, which lab are you working on?

montanio | Last updated: Aug 01, 2020 01:14PM UTC

Hi Liam, LAB Reflected XSS with some SVG markup allowed https://portswigger.net/web-security/cross-site-scripting/contexts/lab-some-svg-markup-allowed

Liam, PortSwigger Agent | Last updated: Aug 03, 2020 12:06PM UTC

Have you checked out this video tutorial? - https://www.youtube.com/watch?v=FsSsIAELqNg

montanio | Last updated: Aug 09, 2020 03:14PM UTC

Hi Liam, I checked. It did not help with my question. Still can not figure out how to pop the window. Please kindly help. Thank you.

Liam, PortSwigger Agent | Last updated: Aug 10, 2020 09:18AM UTC

The lab is passing as expected in our testing. Keep trying!

montanio | Last updated: Aug 12, 2020 01:04PM UTC

Hi Liam, It does show me that I passed the lab. The point is I do not know how to trigger the alert window. What exact "discard" I need to do to trigger the alert(1). I am confused.

Hannah, PortSwigger Agent | Last updated: Aug 13, 2020 07:35AM UTC

The victim is using an older version of Chrome. This means that when the victim visits the URL, the popup is triggered. However, on other browsers or newer versions of Chrome, you can't visibly see the popup yourself.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.