{"categories":["Bug Bounty"],"author_name":"ThisIsOne","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","height":"190","description":"Hello there, ('\u03c9')\u30ce Bypassing an XSS filter using HTML escape. Vulnerability: XSS Article: https://medium.com/@adonkidz7/bypass-xss-filter-using-html-escape-f2e06bebc8c3 After all the bugs in the system had been fixed, I was still curious. When I tried further, the payload below failed because it was blocked by CSP. <noscript> <p title=\u201d </noscript><style onload= alert(document.domain)//\u201d> *{/*all*/c\u2026","width":"100%","published":"2021-12-17 13:37:54","blog_title":"Shikata Ga Nai","blog_url":"https://cysec148.hatenablog.com/","title":"I tried translating Bypass XSS filter using HTML Escape","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fcysec148.hatenablog.com%2Fentry%2F2021%2F12%2F17%2F133754\" title=\"I tried translating Bypass XSS filter using HTML Escape - Shikata Ga Nai\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","provider_url":"https://hatena.blog","url":"https://cysec148.hatenablog.com/entry/2021/12/17/133754","provider_name":"Hatena Blog","version":"1.0","type":"rich","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/T/ThisIsOne/20211217/20211217131331.png"}