Cross Site Scripting (XSS) Part 3: Exploitation
In part 1 we introduced XSS, and part 2 we showed some TTPs for enumerating XSS, part 3 will be demonstrating how to take advantage of XSS. XSS can lead to full control over an application or system because it provides the attacker the ability to run code in the victim’s browser.
Forge a request in an application (example: adding a user, changing a password, etc.)
Delivering an exploit to get code executi ...