Solving Portswigger Academy: Reflected XSS into a JavaScript string with single quote and backslash escaped

Vishal
Oct 1, 2024


This lab contains a reflected cross-site scripting vulnerability in the search query tracking functionality. The reflection occurs inside a JavaScript string with single quotes and backslashes escaped.

To solve this lab, perform a cross-site scripting attack that breaks out of the JavaScript string and calls the alert function.

When you access the lab, you will see a search box. To test the behavior, I used the string 'abcd12345' in the search box. After that, view the page source.

Inside a script tag, you will find your input reflected.

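Now we need to trigger an alert box using XSS. Escaping the single quote and backslash does not help here, because the HTML parser ends the script block at the first </script> it sees, before any JavaScript is parsed. So first we close the script tag using </script>, and then we use a payload such as <img src=x onerror=alert(1)>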

</script><img src=x onerror=alert(1)>

Once you submit the above payload, an alert will pop up.
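
Why the escaping in this lab is not enough, and one way to fix it, as an added example that is not part of the original post or the lab's source. The function names and the inline template are assumptions; the hardened version emits a JSON string literal with <, > and & written as \u escapes.

```javascript
// Added example: names and the inline template are assumptions,
// not the lab's actual server code.
const PAYLOAD = '</script><img src=x onerror=alert(1)>'; // payload from the write-up

// Weak: escapes only backslash and single quote, as the lab describes.
function weakEscape(s) {
  return s.replace(/\\/g, '\\\\').replace(/'/g, "\\'");
}

// Hardened: build a JSON string literal, then \u-encode the characters the
// HTML parser reacts to, so "</script>" can never appear in the script block.
function hardenedLiteral(s) {
  return JSON.stringify(s).replace(/[<>&\u2028\u2029]/g, (c) =>
    '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}

function renderWeak(term) {
  return "<script>var searchTerms = '" + weakEscape(term) + "';</script>";
}

function renderHardened(term) {
  return '<script>var searchTerms = ' + hardenedLiteral(term) + ';</script>';
}

// Mimics the HTML tokenizer: a script block ends at the first "</script"
// followed by whitespace, "/" or ">". Returns the markup left after it.
function afterFirstScriptClose(html) {
  const m = /<\/script[\s\/>]/i.exec(html);
  if (!m) return null;
  return html.slice(html.indexOf('>', m.index) + 1);
}

// Weak: the <img> tag lands outside the script block as live HTML.
console.log('weak     ->', afterFirstScriptClose(renderWeak(PAYLOAD)));
// Hardened: nothing follows the script block; the value stays a string.
console.log('hardened ->', JSON.stringify(afterFirstScriptClose(renderHardened(PAYLOAD))));
```
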
