manuth/UKBTutorials
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add explanation about forged image

Browse source
This commit is contained in:
Manuel Thalmann 2023-11-10 13:23:38 +01:00
parent 07d9514db3
commit 73881dc6ca
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
Lab03 - Let's Buy Some Juice/README.md
View file

@ -26,3 +26,8 @@ Result:
2. Type `<iframe src="javascript:alert('hello')">` 2. Type `<iframe src="javascript:alert('hello')">`
<!--- ToDo: Insert Picture --> <!--- ToDo: Insert Picture -->
## Forged Picture
This challenge is impossible due to the `/profile` page only reading the username from POST variables.
POST variables cannot be set through links and thus can't be set in an `img`-tag's `src` either.