Reflected XSS into HTML context with nothing encoded¶
Description¶
The website in this lab contains a simple reflected cross-site scripting vulnerability in the search functionality.
Reproduction and proof of concept¶
Copy and paste into the search box:
<script>alert(1)</script>
Click “Search”.
Last update:
2025-05-19 17:27