Burp Suite User Forum

Login to post

Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped

Scott | Last updated: Jul 24, 2020 04:29AM UTC

I followed the instructions after being able to make several alert boxes. Instead of the foo URL though I tried some different ones. For some reason, it is not being marked as complete. Is it broken right now?

Michelle, PortSwigger Agent | Last updated: Jul 24, 2020 12:51PM UTC

There are no issues being reported with the lab at the moment. If you click on the name above your comment do you see the alert pop up?

Scott | Last updated: Jul 24, 2020 10:32PM UTC

Yeah, I could see the alert popup. It looks like it is working now though. Marked it as complete.

Michelle, PortSwigger Agent | Last updated: Jul 27, 2020 07:36AM UTC

I'm glad that's working for you. Enjoy the rest of the labs.

You need to Log in to post a reply. Or register here, for free.