XSS Comprehensive Test Suite - Markdown Mode

By louis.random on Skatehive

XSS Comprehensive Test Suite - Markdown Mode Authorized security audit - testing sanitization of payloads when Remarkable markdown parser is active. Markdown Link Injection Testing javascript: and data: URIs in markdown links: click) click) click Markdown Image Injection Testing injection via markdown image syntax: ) ) Raw HTML in Markdown Testing raw HTML tags within markdown context: click Markdown Code Injection Testing code block and inline code: ``javascript alert('code-block') ` Inline code with HTML: ` Markdown Table Injection Testing HTML injection in markdown tables: | header | |---| | | Hashtag/Mention Injection Testing injection via hashtag and mention parsing: @ Link Auto-detection Injection Testing injection via URL auto-detection: https://evil.com/"onmouseover="alert('autolink') https://evil.com/ This post is part of an authorized security audit. All payloads are for testing sanitization only.