XSS - Reflected (HREF) - Low Security Level
Solution:
Step 1. Enter your choice of input and click on Continue.
Step 2. Notice your input details are reflecting in the lesson page.
Step 3. Right Click and click on View Page Source and Search for the input which you have given.
Step 4. Note all votes are passed through href tag.
Step 5. Go back to the lesson page and click on any vote button of your choice.
Step 6. Note the lesson page will display results, check the url change (Click back button as shown in the video to see how the href value chagnes).
Step 7. Go back to the lesson page and
*** Note: As YouTube doesn't allow angular brackets in the Description section replacing them with ( ), kindly change the ( ) to angular brackets
Use the payload - (/script)(script)alert('PseudoTime')(/script)
and click on continue button
Check the results.
PseudoTime
