Buy a Burp Suite Certified Practitioner exam, pass before 15 Dec, and we'll refund your $99.  –   Find out more
  1. Web Security Academy
  2. Cross-site scripting
  3. CSP
  4. Lab

Lab: Reflected XSS protected by very strict CSP, with dangling markup attack


This lab using a strict CSP that blocks outgoing requests to external web sites.

To solve the lab, perform a cross-site scripting attack that bypasses the CSP and exfiltrates the CSRF token using Burp Collaborator. You need to label your vector with the word "Click" in order to induce the simulated victim user to click it. For example: <a href="">Click me</a>

You can log in to your own account using the following credentials: wiener:peter


To prevent the Academy platform being used to attack third parties, our firewall blocks interactions between the labs and arbitrary external systems. To solve the lab, you must use the provided exploit server and/or Burp Collaborator's default public server (

Register for free to track your learning progress

The benefits of working through PortSwigger's Web Security Academy
  • Practise exploiting vulnerabilities on realistic targets.

  • Record your progression from Apprentice to Expert.

  • See where you rank in our Hall of Fame.

Already got an account? Login here