PoC Demonstrating XSS Via AJAX+JSON

root authored on 6 Jan
README.md url change broke image 11 months ago
XSS_AJAX_PoC.png initial commit 2 years ago
ajax_response.php initial commit 2 years ago
index.php initial commit 2 years ago
jquery.min.js initial commit 2 years ago
README.md

PoC Demonstrating XSS Via AJAX + JSON Data

Too many people have argued that when XSS is found in JSON data that it would not be rendered in the browser.

They either think it's due to it being JSON/XML etc. or because it contains an error code (400/500 etc.)

This prooves that not to be the case:

XSS_AJAX_PoC