Hello Friends,

I’m Rem01x And I’m Currently Preparing For The eWPTX Exam So I Will Be Walking Through All PortSwigger Labs And Make Sure To Make Writeups For All Of Them.

Let’s Start Now.

Assume that we have this website.

As observed we have search box.

Now, Let’s try to search for anything.

For me I searched for Rem01x and it seam that the our search reflected on screen.

Now, Let’s take a look at the code.

Please Notice that there were a JavaScript code will get anything we search for and make a query in the website

As observed the code get the search as said before and query it.

Now What If we closed the double quote of the src attribute and the injected another JavaScript !?