★ ★ Classic Stored XSS (XSS)

  • Published: 11 Sep 2024
  • Perform an XSS attack with <script>alert(`xss`)</script> on a legacy page within the application.
    🤴 Credits to Bjoern Kimminich for providing this excellent vulnerable web app. Download here: github.com/bki...
    📃 This video is part of the OWASP Juice Shop solutions & walkthrough playlist ( • ★ Zero Stars (Improper... .
    📓 Make sure to check out all the other videos in this playlist as well to get a full tutorial.
    💡 If you have any questions or want to request a new video about a special topic, feel free to leave me a comment. You can also contact me on all of my social medias below.
    💖 I need your help. Subscribe to this channel, link and retweet my videos and share them with your friends. This is going to help make this project more sustainable in the long run.
    💙 Last but not least: Subscribe to my Twitter channels / hacksplained & / pascalsec , and support me on Patreon / hacksplained or www.buymeacoff...

Comments • 13

  • @abridgel 4 years ago +4

    alert(`xss`) is the payload

  • @peopleyoumustknow1325 3 years ago

    Wish you would drop more educational content

    • @Hacksplained 3 years ago

      I will, my friend 😇 just stay tuned!

  • @crusader_ 4 years ago

    Heroku came up with an error when I was trying them different payloads, and now it won't show anything in the account route but the error

    • @Hacksplained 4 years ago

      Are you running your own Heroku instance? Have you tried to restart the app?

    • @crusader_ 4 years ago

      @Hacksplained Apologies for the late reply. Yes, running my own Heroku instance. It doesn't show anything no matter how many times I restart the app

    • @Hacksplained 4 years ago

      @crusader_ I would suggest deploying the Heroku app once again. Check out my video I have for that -> ruclips.net/video/A_7N8swF3C4/видео.html

  • @Kevin-fr1xz 3 years ago +1

    How did you log in as Admin? I can't, as I don't have the password

    • @Hacksplained 3 years ago +2

      Please have a look at another challenge video called login admin.

    • @Kevin-fr1xz 3 years ago

      @Hacksplained superb bro, you’re awesome for the early reply

    • @Hacksplained 3 years ago +1

      @Kevin-fr1xz sure, long waits are boring 😂

    • @user-go3zu4nf5c 2 months ago

      Use the payload: ' OR 1=1 --