The following is my documentation on PortSwigger’s Academy labs. End Goal: Perform an XSS attack that calls the alert function inside the template string In this lab the target site will be emulating a blog that handles the search function with JavaScript template literals. We’ll go through what that means and how to take advantage […]
Solution for PortSwigger Academy Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped
The following is my documentation on PortSwigger’s Academy labs. End Goal: Submit a comment that calls the alert function when the comment author name is clicked To help build good habits we will be going through this lab with PortSwigger’s guides to finding XSS vulnerabilities, slightly modified: This of course will be a guide that […]