I am learning about XSS attacks.
Suppose I have a website (let's call it
http://www.animallover.com) which allows me to enter anything into a search bar to search for animal names. The website is vulnerable, as entering
<script>alert(1)</script> into the search bar triggers an alert.
My goal is to steal the user's cookie by asking the user to visit
I don't have a web server to host my cookie-capture script.
What should I do?
Subscribe to get latest updates