Course

This introductory XSS challenge is designed to help you grasp what happens when you find a Cross-Site Scripting vulnerability. Your task is to create an alert box using your unique identifier (UUID). By doing this, you will see firsthand how the payload you send is echoed back without any HTML encoding, indicating a vulnerability.

The lab also covers the underlying PHP code that processes your input. The server-side PHP code takes the input from the URL and serves the HTML response, which your browser then renders. By manipulating the input, you can inject HTML or JavaScript code, leading to an XSS attack. Understanding this process is crucial for identifying and exploiting XSS vulnerabilities in web applications.