DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded
The website in this lab contains a DOM-based cross-site scripting vulnerability in an AngularJS expression within the search functionality.
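Why encoding angle brackets and double quotes does not help here, as an added example that is not part of the original lab write-up: the browser decodes entities before AngularJS compiles the DOM, so a harmless probe such as {{1+1}} still reaches the expression parser unless the reflecting element is marked ng-non-bindable. The function names, the h1 template and the probe string are constructed for illustration, and the regex is a simplified stand-in for real HTML parsing.

```javascript
// Added example: a model of server-side encoding vs. what AngularJS compiles.

// The encoding named in the lab title: only < > " are HTML-encoded.
function encodeAngleAndQuotes(s) {
  return s.replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
}

// A stronger-looking variant that also entity-encodes curly braces.
function encodeBracesToo(s) {
  return encodeAngleAndQuotes(s).replace(/\{/g, "&#123;").replace(/\}/g, "&#125;");
}

// Minimal model of the HTML parser: entities in text become characters
// before AngularJS ever walks the DOM.
function decodeEntities(s) {
  return s
    .replace(/&#(\d+);/g, (_, n) => String.fromCodePoint(Number(n)))
    .replace(/&lt;/g, "<").replace(/&gt;/g, ">")
    .replace(/&quot;/g, '"').replace(/&amp;/g, "&");
}

// Constructed server template for a fragment rendered inside <body ng-app>.
function renderHeading(encoded, { nonBindable = false } = {}) {
  const attr = nonBindable ? " ng-non-bindable" : "";
  return `<h1${attr}>Results for '${encoded}'</h1>`;
}

// Returns the {{...}} expressions AngularJS would compile in the fragment:
// text of an element not marked ng-non-bindable, after entity decoding.
function compiledExpressions(fragment) {
  const m = /^<h1( ng-non-bindable)?>([\s\S]*)<\/h1>$/.exec(fragment);
  if (!m || m[1]) return []; // ng-non-bindable subtree is skipped by the compiler
  return decodeEntities(m[2]).match(/\{\{[\s\S]*?\}\}/g) || [];
}

const probe = "{{1+1}}"; // constructed, harmless probe
const results = {
  titleEncoding: compiledExpressions(renderHeading(encodeAngleAndQuotes(probe))),
  bracesEncoded: compiledExpressions(renderHeading(encodeBracesToo(probe))),
  // Safe only because < and > are encoded, so input cannot close the <h1>.
  nonBindable: compiledExpressions(
    renderHeading(encodeAngleAndQuotes(probe), { nonBindable: true })),
};
console.log(results);
```

A rendered 2 in place of {{1+1}} on the real page confirms the same thing the model reports: the reflected value is being evaluated as an expression.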
Reproduction and proof of concept
Enter an alphanumeric string into the search box.
View the page source and observe that your random string is enclosed in an element carrying the ng-app directive:
<body ng-app="" class="ng-scope"> ... </body>
Enter the following AngularJS expression in the search box: