Lab: Stored XSS into HTML context with nothing encoded
This lab contains a stored cross-site scripting vulnerability in the comment functionality.
To solve this lab, submit a comment that calls the
alert function when the blog post is viewed.
Enter the following into the comment box:
Enter a name, email and website.
Click "post comment".
Go back to the blog.