Intro to Cross-Site Scripting
Cross-site scripting is a fancy term for when people run code on websites they don't own. This technique can be used to steal private information.
Website owners have to be very careful not to run code when users enter information.
Here is a snippet that makes a popup alert:
<script>alert('hi');</script>Instead of entering an email like a normal person, try pasting the above code and see what happens
Nice Job! 🎉
Congratulations. You just used cross-site scripting. Try it out on other websites.
Attackers can use similar techniques to steal personal information on sites that don't block cross-site scripting.
Next