[XSS] Lab: Reflected XSS into a JavaScript string with a single quote and backslash escaped
[encodeURIComponent() - JavaScript | MDN](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent)
So it turns out that the `encodeURIComponent()` function encodes a URI by replacing each instance of certain characters by one, two, three, or four escape sequences representing the UTF-8 encoding of the character.
So we can use a single quote to try to escape this function.
What if we provide a </script> tag?
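Since the page does `var searchterm = 'userInput'`, we can exploit that line of code before we get to the encoding step by simply adding a `</script>` tag. The HTML parser ends the script block at the first `</script>` it sees, even inside a JavaScript string, so the quote and backslash escaping never comes into play.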
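Why escaping only the single quote and backslash is not enough in this context, and what a context-aware encoder does instead, as an added example (not the lab's server code). All function names and the sample input are hypothetical and constructed for illustration.

```javascript
// Added example; names are hypothetical, not taken from the lab.

// Escaping as the lab title describes it: backslash and single quote only.
function escapeQuoteAndBackslash(s) {
  return s.replace(/\\/g, "\\\\").replace(/'/g, "\\'");
}

// Hardened encoder for a value placed in a JS string inside an inline <script>.
// Characters meaningful to the HTML parser or to JS string syntax become \uXXXX.
function escapeForInlineScriptString(s) {
  return s.replace(/[\\'"<>&\u2028\u2029\r\n]/g, (c) =>
    "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0"));
}

// Mimics the reflected line from the notes: var searchterm = 'userInput'
function renderSearchScript(term, escapeFn) {
  return "<script>var searchterm = '" + escapeFn(term) + "';</script>";
}

// Models the HTML tokenizer: script data ends at the first "</script"
// followed by whitespace, "/" or ">", whatever the JS string state is.
function splitAtFirstScriptEnd(html) {
  const rest = html.slice(html.indexOf("<script>") + "<script>".length);
  const end = /<\/script[\s/>]/i.exec(rest).index;
  const close = rest.indexOf(">", end) + 1;
  return { body: rest.slice(0, end), afterScript: rest.slice(close) };
}

// Constructed sample input: a quote, the closing tag, then marker text.
const SAMPLE = "abc'</script>TEXT-OUTSIDE-SCRIPT";

function check(escapeFn) {
  return splitAtFirstScriptEnd(renderSearchScript(SAMPLE, escapeFn));
}

// With the hardened encoder the script body is intact, so evaluating it
// must give back exactly the original input.
function roundTrip() {
  const { body } = check(escapeForInlineScriptString);
  return new Function(body + " return searchterm;")();
}

console.log("quote/backslash only:", check(escapeQuoteAndBackslash));
console.log("context-aware       :", check(escapeForInlineScriptString));
console.log("round trip ok       :", roundTrip() === SAMPLE);
```

With the weak escaping, `afterScript` holds text that the browser would parse as HTML; with the hardened encoder it is empty and the value survives unchanged as string data.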
Now, since we're able to escape that JavaScript tag, we can inject our own tags as such: