Thanks for the writeup, man, but I can't seem to make sense of the testing process that led to the final payload. Conventional XSS bypass filter payloads make use of < > and try encoding and the filter bypass tricks, but not this one. Can you kindly break down the testing and thinking process that leads to the final payload? Thanks
