🚨 WEB-07: Stored XSS with Filter Bypass

κΈ°λ³Έ ν•„ν„°(< > 제거)λ₯Ό μš°νšŒν•˜μ—¬ μ €μž₯된 XSS 곡격 κ°€λŠ₯

πŸ“ κ²Œμ‹œλ¬Ό μž‘μ„±

πŸ’‘ ν•„ν„° 우회 벑터:
β€’ svg/onload νƒœκ·Έ μ‚¬μš© (ν•„ν„°λŠ” < > 제거만 함)
β€’ img/onerror 이벀트 속성
β€’ HTML μ—”ν‹°ν‹°: &lt;img src=x&gt; 같은 방식
β€’ μ˜ˆμ‹œ: svg onload="alert(1)" (νƒœκ·ΈλŠ” μ—†μ§€λ§Œ 속성은 있음)
β€’ iframe νƒœκ·Έ μ‚¬μš©
🚨 μ‹€μ œ 우회: img onerror=alert(document.domain) (< > μ—†μŒ!)

πŸ“‹ κ²Œμ‹œνŒ

μ„œλ²„ 점검 κ²°κ³Ό

Warning: Undefined array key "body" in /var/www/html/web07_xss_stored_waf.php on line 115
2026-07-18 02:31:22
λ³΄μ•ˆ 곡지

Warning: Undefined array key "body" in /var/www/html/web07_xss_stored_waf.php on line 115
2026-07-18 02:31:22