Writeup - XSS Lab
Reflected XSS analysis in a controlled environment.
Burp Suite, OWASP ZAP
Context
Authorized local lab. No third-party data or production systems.
Summary
Reflected XSS in an unsanitized search parameter.
Mitigation
- Contextual output encoding
- Content-Security-Policy
- Server-side input validation
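The three mitigations above applied to a search handler, shown beside the unsanitized form. This is an added example, not code from the lab; the parameter name `q`, the length limit and the CSP value are assumptions.

```python
import html
import re

# Assumed policy for a search box (hypothetical limits, not from the lab).
MAX_QUERY_LEN = 100
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")

# Assumed CSP: no inline script, so injected <script> or event handlers do not run.
CSP = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'"


def render_search_vulnerable(q: str):
    """'Before' form: the parameter is reflected into HTML as-is."""
    body = f'<h1>Results for {q}</h1><input name="q" value="{q}">'
    return 200, {"Content-Type": "text/html; charset=utf-8"}, body


def render_search_hardened(q: str):
    """'After' form: validate server-side, encode per context, send CSP."""
    headers = {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": CSP,
        "X-Content-Type-Options": "nosniff",
    }
    # Server-side input validation: reject rather than try to "clean" the value.
    if len(q) > MAX_QUERY_LEN or CONTROL_CHARS.search(q):
        return 400, headers, "<h1>Invalid search query</h1>"
    # Contextual output encoding: html.escape(quote=True) covers the element-text
    # context and the double-quoted attribute context used in this template.
    safe = html.escape(q, quote=True)
    body = f'<h1>Results for {safe}</h1><input name="q" value="{safe}">'
    return 200, headers, body


if __name__ == "__main__":
    sample = '"><script>alert(1)</script>'  # constructed test input
    for fn in (render_search_vulnerable, render_search_hardened):
        status, headers, body = fn(sample)
        print(fn.__name__, status, body)
```

`html.escape` is only correct for HTML text and quoted-attribute contexts; a value placed inside a script block, a URL or a CSS value needs the encoder for that context.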
More lab work on TryHackMe and Hack The Box.