gitea-mirror/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-12-12 15:49:38 -08:00
Code Issues Packages Projects Releases Wiki Activity

specify condition to perform Angular JS Injection

Browse Source 
Indicate that ng-app in a root element is needed to inject Angular JS template. Injecting below payload without a root element with ng-app will not result in a successful injection
This commit is contained in:
Vunnm
2023-12-28 13:30:49 +01:00
committed by GitHub
parent cbc6e78d2a
commit 27d19813f8
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
XSS Injection/XSS in Angular.md
View File

@@ -6,6 +6,8 @@ The following payloads are based on Client Side Template Injection.
### Stored/Reflected XSS - Simple alert in AngularJS
`ng-app` directive must be present in a root element to allow the client-side injection (cf. [AngularJS: API: ngApp](https://docs.angularjs.org/api/ng/directive/ngApp)).
> AngularJS as of version 1.6 have removed the sandbox altogether
AngularJS 1.6+ by [Mario Heiderich](https://twitter.com/cure53berlin)