terjanq

Aug 9, 2020

8 min read

Arbitrary Parentheses-less XSS

In the past years, an interesting XSS vector was put on a table by some researchers, and that is Parentheses-less XSS.

It’s not a mystery that there are known payloads that will execute arbitrary XSS with limited charsets. One of the simplest payloads out there is

location=name

which with adequate window.name, will redirect to ‘javascript:alert()’ URL and execute arbitrary XSS stored in the window’s name.

--

--

More from terjanq

Security enthusiast that loves playing CTFs and hunting for bugs in the wild. Also likes to do some chess once in a while. twitter.com/terjanq

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Redmen Ishab

URL OAuth For Facebook And Google || React Native|| Easy Method || Step By Step Guide

_haochuan

in

We’ve moved to freeCodeCamp.org/news

Make Your Vim Smarter Using Ctrlp and Ctags

Rumputkering

[How To] Force redirect HTTP to HTTPS on GKE Using GCE Ingress

Geewealth Consulting and Recruitment

SYSTEMS ADMINISTRATOR– FLOUR MILLS OF NIGERIA PLC

Sunil Sirvi

🔰 Use Cases of JavaScript 🔰

Trevor-Indrek Lasn

in

Better Programming

Build a Sticky Navigation with Headroom.js

Andrew Wilson

Add Animations to Shapes in PowerPoint using Java

Jason Sturges

in

Geek Culture

JavaScript Graphics and Game Frameworks to Inspire in 2021

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
terjanq

terjanq

Security enthusiast that loves playing CTFs and hunting for bugs in the wild. Also likes to do some chess once in a while. twitter.com/terjanq

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable