all InfoSec news
XSS TRAIN WALKTROUGH
System Weakness - Medium systemweakness.com
xss train is a cross site scripting lab for learning web application security.
Train 1
in this site there is a parameter status=good, try change parameter status <b>hello</b>.
successfully performed HTML injection through a URL parameter, enter payload <script>alert(“XSS”)</script>.
successfully performed a reflected cross-site scripting attack through a URL paramater.
Train 2
in this site there is a form to input the name, right click -> view source code.
there is a function validateForm to display name if user enter …
alert application application security attack change cross-site cross site scripting good hello html html injection injection input lab name owasp parameter payload script scripting security sql injection train url web web application web application security web security xss xss-attack