https://www.jakobthe.dev/tags/markdown/ Recent content in Markdown on JakobTheDev | Jakob Pennington https://www.jakobthe.dev/images/profile.png https://www.jakobthe.dev/images/profile.png Hugo -- gohugo.io en-us Fri, 08 Feb 2019 15:45:00 +1030 https://www.jakobthe.dev/posts/exploiting-xss-via-markdown/ Fri, 08 Feb 2019 15:45:00 +1030 https://www.jakobthe.dev/posts/exploiting-xss-via-markdown/ I recently came across a web application in which I was able to exploit a Cross-Site Scripting (XSS) vulnerability through a markdown editor and rendering package. It was the first time I had come across this type of vulnerability, and I found it particularly interesting because it allowed me to bypass multiple layers of XSS filtering that was implemented in the application. Here’s a short article on how I came across the vulnerability and set about crafting an exploit.