Stored XSS into HTML context with nothing encoded

Description

This lab contains a stored cross-site scripting vulnerability in the comment functionality.

To solve this lab, submit a comment that calls the alert function when the blog post is viewed.

Approach

After accessing the lab, I went straight to the comment section where I tried injecting some HTML tags to see if they would get rendered properly. It worked:

<h1>Ichyaboy</h1>

Seeing that the HTML tags were rendered, I proceeded to inject a script tag that runs an alert.

<script>alert(1)</script>

With that, the lab is solved.
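
The root cause behind this lab, shown as an added example that is not part of the original write-up or the lab's actual code: a hypothetical comment renderer that writes stored input into the HTML context unencoded, next to a version that HTML-encodes on output. All function names and the page template are assumptions, and the sample comments are constructed from the inputs used above.

```javascript
// Added example: hypothetical comment renderer, not the lab's real server code.

// Characters that are significant in HTML text and quoted-attribute contexts.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };

// Encode on output so the browser treats stored input as text, never as markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: the stored comment is concatenated into the page as-is
// ("nothing encoded"), so any tag in it becomes part of the document.
function renderCommentUnsafe(comment) {
  return `<section class="comment"><p>${comment.author}</p><p>${comment.body}</p></section>`;
}

// Hardened: every stored field is HTML-encoded at the point of output.
function renderCommentSafe(comment) {
  return `<section class="comment"><p>${escapeHtml(comment.author)}</p>` +
         `<p>${escapeHtml(comment.body)}</p></section>`;
}

// Regression check: does rendering this comment add tags beyond the template's own?
function introducesMarkup(render, comment) {
  const tagCount = (html) => (html.match(/<[a-zA-Z\/]/g) || []).length;
  const baseline = tagCount(render({ author: "", body: "" }));
  return tagCount(render(comment)) > baseline;
}

// Constructed sample data: the two comments from the write-up plus a benign one.
const storedComments = [
  { author: "reader", body: "<h1>Ichyaboy</h1>" },
  { author: "reader", body: "<script>alert(1)</script>" },
  { author: "reader", body: "Tom & Jerry's <3 post" },
];

// Summarise which renderer lets stored input change the page structure.
function auditComments(comments) {
  return comments.map((c) => ({
    body: c.body,
    unsafeAddsMarkup: introducesMarkup(renderCommentUnsafe, c),
    safeAddsMarkup: introducesMarkup(renderCommentSafe, c),
  }));
}

console.log(auditComments(storedComments));
console.log(renderCommentSafe(storedComments[1]));
```

The same `introducesMarkup` check can be kept as a unit test around whatever template function renders user comments, so a later change that drops the encoding step fails the build.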