Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False positive for eval as substring (example revalidate) #314

Closed
chiragmatkar opened this issue Sep 9, 2020 · 0 comments
Closed

False positive for eval as substring (example revalidate) #314

chiragmatkar opened this issue Sep 9, 2020 · 0 comments

Comments

@chiragmatkar
Copy link

Describe the bug
Dom based results show false positive for eval even if it is present in string like revalidate

To Reproduce
For any hits on website in which javascript has strings having eval

Screenshots
Screen Shot 2020-09-09 at 11 13 31 PM

Potential cause or fix
Maybe it includes substring as well

Environment:

  • Kali Rolling 2018.2]

Some Questions

  • [ yes] I am using the latest version of XSStrike.
  • [ yes ] I installed the dependecies using pip3 instead of pip
  • [yes ] I have read the documentation before submitting this issue.
  • [ No ] I have checked the other issues to see if someone reported this before.

Other comments
No thanks, good work
@s0md3v s0md3v closed this as completed in 9ba0b5e Mar 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@chiragmatkar