Hello Hackers, in this video of Reflected XSS into HTML context with nothing encoded will see how to exploit, discover and find senstive information based on application Cross-Site Scripting to leak for potential attacks from Burp Suite in a lab from Web Security Academy powered by Portswigger

⚠️ Subscribe to my channel ➡️ @popo_hack ⚠️

0:00 - About the Lab
0:35 - Explore Inspector and console tools
2:14 - Test search input
6:08 - How XSS can be dangerous ?

🔍 About the Lab
Lab: Reflected XSS into HTML context with nothing encoded
Level: Apprentice
This lab contains a simple reflected cross-site scripting vulnerability in the search functionality.
To solve the lab, perform a cross-site scripting attack that calls the alert function.

✅ What to do ?
1. Copy and paste the following into the search box:
use script tag contains alert() function

2. Click "Search"

Thank you for watching my video, if you have any questions or any topics recommendation feel free to write them on the comment below 🙋

#WebSecurityAcademy #portswigger #vulnerability

свернуть