Challenge 7: XSS in a dropdown list
Learn how the XSS vulnerability can be found in other params even though it is not editable by the browser using the BurpSuite Proxy tool
Learn how the XSS vulnerability can be found in other params even though it is not editable by the browser using the BurpSuite Proxy tool
Learn why client-side validation cannot be trusted all the time and how it can be tampered with by using BurpSuite as a proxy for exploiting XSS
Learn why client-side validation cannot be trusted all the time and how it can be tampered with by browser debugging tools for exploiting XSS
Learn how the XSS payload can be crafted using HTML5 event attributes rather than using the classic