Web - Client
Web - Client : XSS - Reflected
Hey, guys.
I might need your help :).
I ’ve spent a lot of time on this challange but still without success.
I found only 3 places on the entire site where users input is rendered but 2 of them are seemingly flawless.
The remaining one is prone to xss and i was able to execute the code but all of triggers are user-based and i dont seem to find any
other way to do it automatically. I was looking into js-code stored on the site but all i got is just a better/worse version of my
previous code execution techniques.
need a hint. thank you in advance.
Web - Client : XSS - Reflected
Hi addql!
Could you help me, please?
What you meant by saying "bot acts like a real user"?
Thanks!
Web - Client : XSS - Reflected
He means you have to test all the possibility. There is a nice list for your test : https://www.w3schools.com/tags/ref_eventattributes.asp