{"url":"https://cysec148.hatenablog.com/entry/2021/03/02/121444","version":"1.0","author_name":"ThisIsOne","published":"2021-03-02 12:14:44","width":"100%","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fcysec148.hatenablog.com%2Fentry%2F2021%2F03%2F02%2F121444\" title=\"DOM XSS in document.write sink using source location.search inside a select element\u3092\u3084\u3063\u3066\u307f\u305f - Shikata Ga Nai\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","blog_title":"Shikata Ga Nai","type":"rich","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/T/ThisIsOne/20210302/20210302111739.png","description":"Hello there, ('\u03c9')\u30ce select\u8981\u7d20\u5185\u306elocation.search\u3092\u4f7f\u7528\u3057\u305fdocument.write\u30b7\u30f3\u30af\u306eDOMXSS\u3092\u3002 \u30d7\u30eb\u30c0\u30a6\u30f3\u3067\u9078\u629e\u3057\u3066\u3001Check stock\u3092\u30af\u30ea\u30c3\u30af\u3059\u308b\u3068\u3002 \u30ea\u30af\u30a8\u30b9\u30c8\u306b\u3001storeId\u306e\u30d1\u30e9\u30e1\u30fc\u30bf\u304c\u3002 URL\u306b\u306f\u3001storeId\u306f\u306a\u304f\u3066\u3002 https://ac491f8d1e2d600180cad6f8006d00de.web-security-academy.net/product?productId=1 \u3061\u306a\u307f\u306bURL\u306bstoreId\u3092\u8ffd\u52a0\u3057\u3066\u307f\u308b\u3068\u3002 https://ac491f8d1e2d600180cad6f8006d00\u2026","blog_url":"https://cysec148.hatenablog.com/","categories":["PortSwigger"],"title":"DOM XSS in document.write sink using source location.search inside a select element\u3092\u3084\u3063\u3066\u307f\u305f","provider_url":"https://hatena.blog","height":"190","provider_name":"Hatena Blog"}