Lab: Stored XSS into HTML context with nothing encoded
This lab contains a stored cross-site scripting vulnerability in the comment functionality.
To solve this lab, submit a comment that calls the alert function when the blog post is viewed.
Enter the following into the comment box: <script>alert(1)</script>
Enter a name, email and website.
Click "post comment".
Go back to the blog.