

[XSS] Lab: Reflected XSS in canonical link tag



Let's view the page source and search for rel


An access key is the way to exploit a canonical tag.


Access keys are keyboard shortcuts for focusing elements and, for links, following their href.

So let's look at the page source to see exactly how the link is enclosed in

So I tried a payload that doesn't require user interaction:


This was the payload (the full URL is given below):


Now, using this article from the Burp Suite learning material:

XSS in hidden input fields

https://0ab300be049d629d818d7b5d003400e1.web-security-academy.net/?lb155%27accesskey=%27x%27onclick=%27alert(1)

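As an added example (not the lab's code and not the author's), here is a small Python model of why the canonical tag is injectable and how attribute-encoding the reflected URL closes it. The host name, the single-quoted href, the breakout check and the assumption that the server URL-decodes the request URI before reflecting it are all mine.

```python
# Added example: vulnerable vs. fixed construction of a canonical <link> tag.
# Not the lab's server code; host, quoting style and decoding are assumptions.
import html
from urllib.parse import unquote

BASE = "https://example.test"  # placeholder host, not the lab instance


def canonical_tag_vulnerable(request_uri: str) -> str:
    """Lab-style bug: the decoded request URI is dropped straight into a
    single-quoted href. A ' in the URI ends the attribute value, so anything
    after it becomes new attributes (accesskey, onclick) on the element."""
    return f"<link rel='canonical' href='{BASE}{unquote(request_uri)}'/>"


def canonical_tag_fixed(request_uri: str) -> str:
    """Fix: HTML-attribute-encode the reflected value. quote=True also
    encodes ' and ", so the text can never terminate the href attribute."""
    safe = html.escape(unquote(request_uri), quote=True)
    return f"<link rel='canonical' href='{BASE}{safe}'/>"


def attribute_breakout(tag: str) -> bool:
    """Check whether the href value was terminated early: between href=' and
    the closing '/> there must be no further ' character."""
    start = tag.index("href='") + len("href='")
    end = tag.rindex("'/>")
    return "'" in tag[start:end]


# Constructed request URI with the same shape as the write-up's payload.
PAYLOAD_URI = "/?lb155%27accesskey=%27x%27onclick=%27alert(1)"

if __name__ == "__main__":
    for build in (canonical_tag_vulnerable, canonical_tag_fixed):
        tag = build(PAYLOAD_URI)
        print(f"{build.__name__}: breakout={attribute_breakout(tag)}\n  {tag}")
```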