Click here to Skip to main content
15,034,252 members

Comments by Vishal S. Kumbhar (Top 2 by date)

Vishal S. Kumbhar 20-Mar-18 14:18pm View
   
Same scenario explained here --
https://support.portswigger.net/customer/portal/articles/2325935-Methodology_Attacking%20Users_XSS_Exploiting%20XSS%20-%20Injecting%20into%20Direct%20HTML.html
but instead of injecting script tags we are encoded string line "%uFF1Cscript%uFF1Ealert%28%u2018XSS%u2019%29%3B%uFF1C/script%uFF1E" for alert('XSS');
Vishal S. Kumbhar 20-Mar-18 10:32am View
   
Yes I can change now. but i'm stuck in this. so if you have any solution then suggest me.