Home/ Questions/Q 6390695
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T03:34:45+00:00

I have had issues with XSS. Specifically I had an individual inject JS alert

  • 0

I have had issues with XSS. Specifically I had an individual inject JS alert showing that the my input had vulnerabilities. I have done research on XSS and found examples but for some reason I can’t get them to work.

Can I get example(s) of XSS that I can throw into my input and when I output it back to the user see some sort of change like an alert to know it’s vulnerable?

I’m using PHP and I am going to implement htmlspecialchars() but I first am trying to reproduce these vulnerabilities.

Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can use this firefox addon:

    XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site
    Scripting (XSS). It does NOT currently test for stored XSS.

    The
    tool works by submitting your HTML forms and substituting the form
    value with strings that are representative of an XSS attack. If the
    resulting HTML page sets a specific JavaScript value
    (document.vulnerable=true) then the tool marks the page as vulnerable
    to the given XSS string. The tool does not attempting to compromise
    the security of the given system. It looks for possible entry points
    for an attack against the system. There is no port scanning, packet
    sniffing, password hacking or firewall attacks done by the
    tool.

    You can think of the work done by the tool as the same as the
    QA testers for the site manually entering all of these strings into
    the form fields.

    • 0