00: Supposed to be safe
10: Basic HTMLi XSS
Anything goes here, there is no protection
11:
Here we introduced a filter to stop script and alert
Solution:
Solution:
12:
Here we added confirm to our filter
Solution:
Solution:
13:
Here we convert your input to lowercase before sanitising it, making no longer a valid bypass
Solution:
30: HTML tag attribute XSS
We can see a new input tag appearing on the page upon submitting a value
We can break out with
Solution: '>
40: JS XSS
We can see a new script appearing on the page upon submitting a value
This does a document.write('')
We can break out with
Solution: ');alert();//
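
The break-outs in levels 30 and 40 use only quotes and brackets, which a keyword filter like the one in levels 11 to 13 never touches. The added example below (not the challenge's code; function names and templates are assumptions) encodes output per context instead, including the double context created by document.write().

```javascript
// Added example. Function names and templates are assumptions, not the challenge's code.

// Keyword blocklist in the style of level 13 (constructed): lowercase, then strip words.
function blocklistFilter(s) {
  return String(s).toLowerCase().replace(/script|alert|confirm/g, '');
}

// HTML text / quoted-attribute context: encode characters that can close
// the attribute value or open a tag.
function encodeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, c => map[c]);
}

// JS string-literal context: emit everything except alphanumerics and space
// as \uXXXX, so no quote, backslash, newline or "</script>" survives.
function encodeJsString(s) {
  return String(s).replace(/[^A-Za-z0-9 ]/g,
    c => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Level 30 sink: value reflected inside a single-quoted attribute.
function renderAttr(value) {
  return "<input value='" + encodeHtml(value) + "'>";
}

// Level 40 sink: value lands in a JS string that document.write() then parses
// as HTML, so it crosses two contexts. Encode for HTML first, then for JS.
function renderScript(value) {
  return "<script>document.write('" + encodeJsString(encodeHtml(value)) + "')<\/script>";
}

// The two break-out strings from the page, used as test input.
const samples = ["'>", "');alert();//"];
for (const s of samples) {
  console.log(JSON.stringify(blocklistFilter(s)), '| quotes and brackets pass the blocklist');
  console.log(renderAttr(s));
  console.log(renderScript(s));
}
```

The order in renderScript matters: JS-encoding alone would keep the script intact but still hand raw markup to document.write().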