Reflected XSS into HTML context with nothing encoded

Lab: Reflected XSS into HTML context with nothing encoded | Web Security AcademyWebSecAcademy

Challenge

This lab contains a simple reflected XSS vulnerability in the search functionality. To solve the lab, perform a XSS attack that calls the alert function.

Solution

Input the following into the search box:

<script>alert(0)</script>

PreviousCross-Site Scripting NextStored XSS into HTML context with nothing encoded

Last updated 2 years ago

hashtagChallenge

hashtagSolution

Challenge

Solution