Xss

Simple XSS

drag_indicator

info

drag_indicator

inputs

drag_indicator

inspect

#noFilter

Try to inject some JavaScript in this simple webpage.

Goal: alert(name)

Hints

Hint #1

expand_more

The $name variable is not sanitized, try to add some HTML.

Solution

Read the solution

expand_more

$name = <script>alert(name)</script>

drag_indicator

waf

INPUT

OUTPUT

drag_indicator

code

drag_indicator

result