0xRoM / AJAX_JSON_XSS_POC

PoC Demonstrating XSS Via AJAX+JSON

Download ZIP 6 commits
Transfer to URL with SHA
latest commit 2b4ed9741d
root authored on 6 Jan 2022
README.md url change broke image 2 years ago
XSS_AJAX_PoC.png initial commit 3 years ago
ajax_response.php initial commit 3 years ago
index.php initial commit 3 years ago
jquery.min.js initial commit 3 years ago
README.md

PoC Demonstrating XSS Via AJAX + JSON Data

Too many people have argued that when XSS is found in JSON data that it would not be rendered in the browser.

They either think it's due to it being JSON/XML etc. or because it contains an error code (400/500 etc.)

This prooves that not to be the case:

XSS_AJAX_PoC