New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

这样就产生了反射型 XSS 攻击。攻击者可以注入任意的恶意脚本进行攻击，可能注入恶作剧脚本，或者注入能获取用户隐私数据(如cookie)的脚本，这取决于攻击者的目的。 #77

Closed

xcsweb opened this issue Jun 15, 2020 · 0 comments

xcsweb commented Jun 15, 2020

这样就产生了反射型 XSS 攻击。攻击者可以注入任意的恶意脚本进行攻击，可能注入恶作剧脚本，或者注入能获取用户隐私数据(如cookie)的脚本，这取决于攻击者的目的。

请问如何获取用户隐私数据？已经跳转到另一个攻击者域名下的网页了，上一个页面的数据怎么拿到？

Originally posted by @ceerqingting in #68 (comment)

dwqs closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment