301/302 XSS vulnerability
Maxim Dounin
mdounin at mdounin.ru
Fri Dec 27 12:42:47 UTC 2019
Hello!
On Thu, Dec 26, 2019 at 12:57:49PM -0500, ayman wrote:
> We detected XSS vulnerability when we use 301 or 302 redirections.
>
> How to reproduce?
>
> curl -I -k "http://example.com/test'""'>><svg/onload=alert\`ayman\`>" >
> ayman.html
>
> open ayman.html and you will get the popup!
You are saving response headers, not the response itself.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list