8) Stored XSS into anchor href attribute with double quotes HTML-encoded

first we will put a random string in all fields and then post the comment then return to the post and inspect where the random string is located and based on where we will decide which payload may be successfull

once our comment is there open the developer tools and seach for xxxx

so we have to places the website field input is located in the href attribute and the other one (comment input field) is on the paragraph tag <p></p>

the comment input is not a good target since the application does some encoding to the input provided by the user

so we will be targeting the one in the href attribute

A way to inject the alert within the href attribute is to inject a JavaScript URL: javascript:alert(1) as website.

and we have solved the lab

Previous7) Reflected XSS into attribute with angle brackets HTML-encoded Next9) Reflected XSS into a JavaScript string with angle brackets HTML encoded

Last updated 1 year ago

Was this helpful?