Skip to content

Astro's hacking forum

LAB 21 - Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped

LAB 21 - Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped¶

Initial instructions¶

This lab contains a reflected cross-site scripting vulnerability in the search blog functionality. The reflection occurs inside a template string with angle brackets, single, and double quotes HTML encoded, and backticks escaped. To solve this lab, perform a cross-site scripting attack that calls the alert function inside the template string.¶

To complete this lab I used the following XSS payload.

${alert(1)}

So I entered this payload into the search bar and clicked Search.

alt text

And the XSS got triggered.

alt text

Congratulations, you solved the lab!¶