Client XSS Exercise-6
Enter Payload
Data Flow
| Source of Data | Data from Source | Data to Sink | Sink causing Execution | |||
|---|---|---|---|---|---|---|
|
LocalStorage value
Key: payload |
HTMLElement.innerHTML |
Vulnerable Code
let payloadValue = localStorage.getItem("payload", payload);
let msg = "Welcome " + payload + "!!";
document.getElementById("msgboard").innerHTML = msg;