LAB 2 - Stored XSS into HTML context with nothing encoded

Initial instructions

This lab contains a stored cross-site scripting vulnerability in the comment functionality.

To solve this lab, submit a comment that calls the alert function when the blog post is viewed.

To solve this lab, we need to post a comment; in this case we will inject the following XSS payload.

<script>alert(1)</script>

Let's post the comment, and then we will see the following screen.

Congratulations, you solved the lab!
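
Why the stored comment executes, and the output-encoding fix, shown as an added example that is not part of the original write-up or the lab's own code. The function names and the comment template are assumptions made for illustration; the sample comment is the payload used above.

```javascript
// Added example (hypothetical rendering code, not the lab application's source).

// Vulnerable pattern: the stored comment is concatenated into the page
// with nothing encoded, so any markup in it becomes part of the document.
function renderCommentUnsafe(author, body) {
  return `<section class="comment"><p>${author}</p><p>${body}</p></section>`;
}

// Characters that can change the parse state in an HTML element or
// quoted-attribute context, mapped to their entity forms.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode on output, at the point where data meets HTML.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened pattern: every stored field is encoded before it is placed in markup.
function renderCommentSafe(author, body) {
  return `<section class="comment"><p>${escapeHtml(author)}</p><p>${escapeHtml(body)}</p></section>`;
}

// Simple regression check for a test suite: did a <script> element
// survive rendering as live markup?
function containsScriptElement(html) {
  return /<script\b/i.test(html);
}

// The comment submitted in this write-up, as it would sit in storage.
const storedComment = "<script>alert(1)</script>";

console.log("unsafe:", renderCommentUnsafe("tester", storedComment));
console.log("safe:  ", renderCommentSafe("tester", storedComment));
console.log("script element in unsafe output:",
  containsScriptElement(renderCommentUnsafe("tester", storedComment)));
console.log("script element in safe output:",
  containsScriptElement(renderCommentSafe("tester", storedComment)));
```

This encoder covers the HTML element context the lab is about; values placed inside JavaScript, URLs or CSS need the encoder for that context instead.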