There are some exercises ahead that will help you learn Client XSS by actually trying to exploit them.
The exercises contain the sections shown below.
You can make use of them to understand and then successfully perform them.
NOTE: This is not needed when the Source is URL or Navigation based.
The value being assigned to the Sink is shown here. This is where you check the impact of the payload you injected.
|Source of Data||Data from Source||Data to Sink||Sink causing Execution|
|DOM property or method that returns potentially untrusted data||DOM property or method that evaluates the assigned data as code|
// //Snippet of the code that has the vulnerability that affects this exercise. //Read this section to understand the vulnerability and find out the appropriate way to exploit it. //