Reflected XSS with event handlers and href attributes blocked
The website in this lab contains a reflected XSS vulnerability with some whitelisted tags, but all events and anchor href attributes are blocked.
Reproduction and proof of concept
Visit the following URL, replacing
0aea002d04f460bbc1d2491e00ad00dawith your lab ID: