Hello fellows,

I recently discovered this well-written TryHackMe Walkthrough.

In my opinion, it easily understandable by anyone, especially by the beginners. 😸

It enlists the definition of this attack, types of XSS and has some nice exercises.

I won't get into details, because you'll find out more in the page(s). 💥

Here is another great resource where you can find out more.

Here are details about a ~ 2 months old attack CVE-2024-0007 on Palo Alto Networks.

So- what do you say? Will you apply sufficient validation, sanitization on the input and will you encode the characters? 😉