Test Overview

This page tests XSS vulnerabilities in the following JavaScript interfaces:

• _aptos_ - Error and response calls with string concatenation
• okxOsmosJSBridge - Error and response calls with string concatenation
• okxStarkJSBridge - Error calls with string concatenation

Target Vulnerabilities:

• window.aptos.sendError(id, "error_message")
• window.aptos.sendResponse(id, JSON.stringify(data))
• window.keplr.sendError(id, "error_message")
• window.keplr.sendResponse(id, JSON.stringify(data))
• window.starknet.sendError(id, "error_message")

XSS Payloads

Test Controls

Test All Interfaces Test Aptos Only Test Osmosis Only Test Starknet Only Clear Logs

Test Results