Stored XSS into HTML context with nothing encoded
This writeup covers the second XSS lab on PortSwigger.
Introduction
So, a new lab as part of my XSS diaries… Don’t expect anything professional from this—just me, a lab, and trying to break it. This is the second XSS lab on PortSwigger, named "Stored XSS into HTML context with nothing encoded".
Investigation and Fuzzing
Another blog, but this time it has no search bar and has almost the same structure as the other one. So I think injecting payloads in comments will come in handy this time.
Let’s inject the famous payload in the comment, but let’s start with the simplest one: <script>alert(0)</script>.
And that’s it!!! We found a stored XSS vulnerability for the comment input.
Let’s try other inputs like name or email. Hmmmm, the name field is sanitized as shown here in Burp Suite: <script>alert(0)</script>
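To make the difference between the two fields concrete, here is an added example (not part of the lab or PortSwigger's code) that models a comment renderer which encodes the name but not the comment body, next to a hardened version that encodes both. The markup, function names and field names are assumptions made for illustration.

```javascript
// Added example: a constructed model of the comment page, not the lab's real code.
// The markup and the field names (name, body) are assumptions.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// HTML-encode text for placement between tags or inside a quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Behaviour seen in the writeup: the name is encoded, the comment body is not.
function renderCommentVulnerable({ name, body }) {
  return `<section class="comment"><p>${escapeHtml(name)}</p><p>${body}</p></section>`;
}

// Hardened form: every stored field is encoded at output time.
function renderCommentHardened({ name, body }) {
  return `<section class="comment"><p>${escapeHtml(name)}</p><p>${escapeHtml(body)}</p></section>`;
}

// Regression check: list the fields a renderer echoes back without encoding.
// The probe is the same string used in the writeup.
function unencodedFields(render, probe = '<script>alert(0)</script>') {
  return ['name', 'body'].filter((field) => {
    const comment = { name: 'n', body: 'b', [field]: probe };
    return render(comment).includes(probe);
  });
}

console.log('vulnerable renderer leaks:', unencodedFields(renderCommentVulnerable));
console.log('hardened renderer leaks:  ', unencodedFields(renderCommentHardened));
```

A check like `unencodedFields` can run in a test suite so that a stored field that stops being encoded is caught before release.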
Conclusion
That was a straightforward, beginner-friendly lab. The next labs will have more challenges, I think.


