XSS (7)
Try It! Reflected XSS
Identify which field is susceptible to XSS
It is always a good practice to validate all input on the server-side. XSS can occur when unvalidated user input is used in an HTTP response. In a reflected XSS attack, an attacker can craft a URL with the attack script and post it to another website, email it, or otherwise get a victim to click on it.
An easy way to find out if a field is vulnerable to an XSS attack is to use the alert() or console.log() methods. Use one of them to find out which field is vulnerable.
Solution
Put <script>alert()</script>
in the box Enter your credit card number.
Last updated