Perform a persisted XSS attack with <iframe src="javascript:alert(`xss`)"> bypassing a client-side security mechanism.
Credits to Bjoern Kimminich for providing this excellent vulnerable web app. Download here: https://github.com/bkimminich/juice-shop
This video is part of the OWASP Juice Shop solutions & walkthrough playlist (https://www.youtube.com/watch?v=0YSNRz0NRt8&list=PL8j1j35M7wtKXpTBE6V1RlN_pBZ4StKZw).
Make sure to check out all the other videos in this playlist as well to get a full tutorial.
Last but not least: Subscribe to my Twitter channels https://twitter.com/hacksplained & https://twitter.com/PascalSec