terjanq

Aug 9, 2020

8 min read

Arbitrary Parentheses-less XSS

In the past years, an interesting XSS vector was put on a table by some researchers, and that is Parentheses-less XSS.

It’s not a mystery that there are known payloads that will execute arbitrary XSS with limited charsets. One of the simplest payloads out there is

location=name

which with adequate window.name, will redirect to ‘javascript:alert()’ URL and execute arbitrary XSS stored in the window’s name.

--

--

More from terjanq

Security enthusiast that loves playing CTFs and hunting for bugs in the wild. Also likes to do some chess once in a while. twitter.com/terjanq

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

BR Avery

in

ngconf

Angular 9 & Ivy Launch Event

john Leonetti

Fetches

Abhay Jain

Nullish coalescing operator: ‘??’

Alex Kelley

You’ve been using Monads

RayRay

Mr Frontend weekly link sharing #41

Chanak Karki

React: Day 31

React: Day 31
Abhay Jain

JavaScript Object and multiple ways to create it

Evan Williams

React Hook Form, 6 months later

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
terjanq

terjanq

Security enthusiast that loves playing CTFs and hunting for bugs in the wild. Also likes to do some chess once in a while. twitter.com/terjanq

More from Medium

Pentester Club Pvt Ltd

Web-Hacking-Toolkit — A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User…

bart.sk

Online Safety #6 When Devs Do Their Thing And XSS Is Against

sn00p

Cross Site Scripting(XSS) automation in BugBounty

Md. Nur Habib

One-liner Bug Bounty Tips

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable