LAB 1 - Reflected XSS into HTML context with nothing encoded

Initial instructions

This lab contains a simple reflected cross-site scripting vulnerability in the search functionality.

To solve the lab, perform a cross-site scripting attack that calls the alert function.

For this lab we simply need to inject the following xss payload:

<script>alert(1)</script>

After entering the payload, click 'Search'.

You should see a result similar to the screenshot below.

Congratulations, you solved the lab!