Questions tagged [reflected-xss]

I am busy with the portswigger lab studies, doing "Reflected XSS into HTML context with most tags and attributes blocked". I successfully fire the print() on myself and the simulated victim, but for extra practice in preparing for the burp suite…

I have an anchor that has href attribute populated by my input. I am trying to input javascript, but it always renders it useless since it always appears between double quotes. So far, I have tried many inputs…

While working on a site (https://website.com/site/site.apexp) the site redirects through a javascript function: