Cross-site scripting (XSS)

Exploit Running arbitrary third party javascript for all users visiting the page

Mitigation Sanitize html reserved words for js script execution

Write Up | Video