It allows client-side code to be injected into web pages viewed by other users.
Find a way to trigger XSS via search bar.
Find XSS vulnerability via chat. Remember that everyone can see your payload.
Find XSS vulnerability.
Find XSS vulnerability via href.
Find XSS vulnerability via images.
Admin logs your User-Agent data. Send a payload that only admin can see.
You can share News with all users if you like.
Find a way to trigger XSS via uploaded file.
© Yavuzlar Web Security
