JOIN BREACHFORUMS TELEGRAM
XSS and htmlspecialchars PHP's function
by SaltedBiscuit - Tuesday July 16, 2024 at 07:23 PM
MVP User
MVP
Posts: 200
Threads: 13
Joined: Jan 2024
Reputation: 60

MVP
#1
Jul 16, 2024, 07:23 PM
Hello forums !

I trying to resolve a CTF challenge based on stored XSS, but I'm stuck on this one with a function called htmlspecialchars (to resume, the function transform < and > by &lt; and &gtWink

I would like to know If someone have a solution to bypass ?

Here is an example of output source when I submit the form:

<span><b>aaa</b>&nbsp;(<i class="invite">status : invite</i>)</span><br/><span>&lt;script&gt;alert('XSS');&lt;/script&gt;</span><br/><hr/>
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Looking for Best Current Free Cookies Stealer/grabber Misanotnessa 2 83 6 hours ago
Last Post: Misanotnessa
  How to ear credits? dai5 2 178 Apr 25, 2026, 07:35 PM
Last Post: NOTFORSALE1932
  Proxy Provider spanko73 0 55 Feb 10, 2026, 05:18 PM
Last Post: spanko73
  SEARCHING SPANISH CALLERS troll 26 769 Feb 10, 2026, 05:16 PM
Last Post: spanko73
  SPAIN DATABASE 23M CITIZEN, IS THIS DB GENERATED? xdynamic 22 1,670 Feb 10, 2026, 07:44 AM
Last Post: llardo

Forum Jump:


 Users browsing this forum: 1 Guest(s)