Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save thesp0nge/97167d043cc729a59beb8e0406e0ca15 to your computer and use it in GitHub Desktop.
Save thesp0nge/97167d043cc729a59beb8e0406e0ca15 to your computer and use it in GitHub Desktop.
spot_the_vuln_2
var searchQuery = window.location.hash.substr(1);
document.write("Risultati per la ricerca: " + searchQuery);
@fdicarlo
Copy link

fdicarlo commented Jul 14, 2023

Modified code to address the vulnerability:

var searchQuery = window.location.hash.substr(1); var sanitizedQuery = encodeURIComponent(searchQuery); document.write("Risultati per la ricerca: " + sanitizedQuery);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment