From 5c2745df83294d59e5f4b86d813e086169d35080 Mon Sep 17 00:00:00 2001
From: Mehdi <pentest.co@gmail.com>
Date: Fri, 18 Aug 2023 18:56:14 +0330
Subject: [PATCH] Update XSS.md

---
 XSS.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/XSS.md b/XSS.md
index 3060678..aaf4512 100644
--- a/XSS.md
+++ b/XSS.md
@@ -762,6 +762,7 @@ More information about this technique here: https://book.hacktricks.xyz/pentesti
 
 
 **XSS in dynamic created PDF**
+
 If a web page is creating a PDF using user controlled input, you can try to trick the bot that is creating the PDF into executing arbitrary JS code.
 So, if the PDF creator bot finds some kind of HTML tags, it is going to interpret them, and you can abuse this behaviour to cause a Server XSS.
 
@@ -771,6 +772,7 @@ If you cannot inject HTML tags it could be worth it to try to inject PDF data:
 
 https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting/pdf-injection
 
+
 **XSS uploading files (svg)**
 
 Upload as an image a file like the following one (from : https://ghostlulz.com/xss-svg/)