mm0@home:~$


[XSS] Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped



The website is a blog, so the most likely place for stored XSS is the comment section, since those comments are stored.


The website field requires a URL that starts with http or https.


This was the payload:

'-alert(document.domain)-'
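
The defensive side of this lab, as an added example that is not part of the original write-up or the lab's own code: a value placed in a JavaScript string inside an onclick attribute sits in two nested contexts, so it is escaped for the JavaScript string first and HTML-attribute-encoded last. All function names and the track() handler are hypothetical.

```javascript
// Added example; function names and the track() handler are hypothetical.

// Accept only absolute http(s) URLs, matching the form's http/https requirement.
function validateWebsite(input) {
  try {
    const url = new URL(input);
    return url.protocol === "http:" || url.protocol === "https:" ? url.href : null;
  } catch {
    return null; // not an absolute URL
  }
}

// JavaScript-string context: every non-alphanumeric UTF-16 unit becomes \uXXXX,
// so no quote, backslash, "&" or "<" reaches the string literal.
function jsStringEscape(value) {
  let out = "";
  for (let i = 0; i < value.length; i++) {
    const ch = value[i];
    out += /[A-Za-z0-9]/.test(ch)
      ? ch
      : "\\u" + value.charCodeAt(i).toString(16).padStart(4, "0");
  }
  return out;
}

// HTML-attribute context, applied last because the browser decodes it first.
function htmlAttrEncode(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return value.replace(/[&<>"']/g, (c) => map[c]);
}

// Build the attribute value for onclick="..." around a hypothetical track() call.
function buildOnclick(website) {
  return htmlAttrEncode("track('" + jsStringEscape(website) + "')");
}

// Simulate the browser: HTML-decode the attribute, then run it as script with
// a stub track() and return the argument the handler actually received.
function simulateClick(attr) {
  const source = attr.replace(/&(amp|lt|gt|quot|#39);/g, (m, n) =>
    ({ amp: "&", lt: "<", gt: ">", quot: '"', "#39": "'" })[n]);
  let received;
  new Function("track", source)((arg) => { received = arg; });
  return received;
}
```

With this ordering the stored value reaches the handler as inert string data, whatever characters it contains.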
