'"><img src=x onerror=prompt(/openbugbounty/)>

Iframe injection и self xss на более чем 20 000 сайтах alexarank ...

habr.com

10 янв. 2017 г. ... Я независимый исследователь безопасности securityrise.com , первое место в bug bounty ПриватБанка. Решил пройтись по топу alexarank , начал ...

'"><img src=x onerror=prompt(1)>https://html5sec.org/test.svg #474

github.com

<img/src=%00 onerror=this.onerror=confirm(1).

Vulnerability Disclosure Program | Open Bug Bounty

www.openbugbounty.org

Notify website owner in a prompt and reliable manner to help fixing the vulnerability, follow ISO 29147 guidelines of responsible disclosure. Avoid reporting any vulnerabilities that will unlikely be fixed by the website owner. Follow technical submission guidelines, otherwise submission may be declined.

html - How does one use the onerror attribute of an img element

stackoverflow.com

This is actually tricky, especially if you plan on returning an image url for use cases where you need to concatenate strings with the onerror condition image

"><img src=x onerror=prompt(1)> | AVG | Official AVG Support

support.avg.com

img srcx onerrorprompt img srcx onerrorprompt.

Обработка ошибок загрузки изображений: событие onerror

www.tune-it.ru

Для отслеживания и реакции на успешную или неуспешную загрузку изображения HTML предлагает нам два события, доступных для тега img: onload и onerror.

What is '><img src=x onerror=prompt(1);>? - Quora

www.quora.com

When you reference <img src=x , this causes an error because the application is unable to find the resource x. This is intentionally done to make use of the onerror event handler. Prompt is similar to alert which acts as a proof of concept that the script ran. Try document.cookie and you should be able...