1. Web Security Academy
  2. Cross-site scripting
  3. CSP
  4. Lab

Lab: Reflected XSS protected by very strict CSP, with dangling markup attack


This lab using a strict CSP that blocks outgoing requests to external web sites.

To solve the lab, perform a cross-site scripting attack that bypasses the CSP and exfiltrates the CSRF token using Burp Collaborator. You can use the following credentials to log in for testing:

  • Username: wiener
  • Password: peter

Note that you need to label your vector with the word "Click" in order to induce the simulated lab user to click your vector. For example: <a href="">Click me</a>