Solving PortSwigger Academy: Stored XSS into anchor href attribute with double quotes HTML-encoded
This lab contains a stored cross-site scripting vulnerability in the comment functionality. To solve this lab, submit a comment that calls the alert function when the comment author name is clicked.
When we access the lab, we see a blogging site with a few posts. We can comment on posts, and the comments get stored, which is normal.

As we can see, there is an href attribute that takes the website link we supplied. So we can include an XSS payload as the value of our website, which ends up in the href attribute. If you visit this website, you will find a number of payloads. I will use the javascript:alert("XSS") payload.
Let's add a new comment and put the above payload in the website input.

When we visit the comment and click on the name, which is now a link, an alert box triggers.

This is how you can solve the lab. Due to a bug in the lab, it is not showing as solved.
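
The payload works because HTML-encoding the double quotes leaves the URL scheme in the href untouched. The following is an added example, not part of the original post or the lab's code, showing the server-side fix for the website field: parse the value and allow only http and https. The function names and sample values are assumptions made for illustration.

```javascript
// Added example: handling the comment form's "website" field before it is
// written into <a href="...">. Function names are hypothetical.

const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// HTML-encode a value for use inside a double-quoted attribute or text node.
// This is what the lab already does for double quotes; on its own it does
// not change which URL scheme the browser sees.
function encodeAttr(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Return a normalized absolute URL if its scheme is allowed, otherwise null.
// The check is made on the parsed protocol, not on a string prefix, because
// the WHATWG URL parser (the rules browsers apply) lowercases the scheme and
// strips surrounding whitespace before deciding what the scheme is.
function safeWebsiteHref(input) {
  let url;
  try {
    url = new URL(String(input));
  } catch {
    return null; // relative or unparsable values are rejected
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Render the comment author: a link only when the website passes the check,
// plain encoded text otherwise.
function renderAuthor(name, website) {
  const href = safeWebsiteHref(website);
  const text = encodeAttr(name);
  if (href === null) return text;
  return `<a href="${encodeAttr(href)}" rel="nofollow noopener">${text}</a>`;
}

// Constructed sample values:
console.log(encodeAttr('javascript:alert("XSS")'));          // encoded, scheme intact
console.log(renderAuthor("bob", 'javascript:alert("XSS")')); // no link emitted
console.log(renderAuthor("bob", "https://example.com"));     // link emitted
```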