Stored XSS

You can find all Stored XSS Portswigger labs writeups.

Cover

Stored XSS into HTML context with nothing encoded

Cover

Stored XSS into anchor href attribute with double quotes HTML-encoded

Cover

Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped

PreviousCross-site scripting (XSS)NextStored XSS into HTML context with nothing encoded

Last updated