A3 : Cross-Site Scripting (XSS)

A3 : Reflected Cross-Site Scripting (XSS)

Want to know your lucky number? Type your name here!

Textbox input isn't validated/ sanitized properly.

Hint 1

Inject a script in the text box.
Solution

Enter any malicious JavaScript code. e.g., <script>window.location.href = "http://opendns.com";</script>