Ajax Security: Dangerous Use of Eval XSS

Unvalidated user-supplied data is used in conjunction with a Javascript eval() call. In a reflected XSS attack, Attacker can craft a URL with the attack script and store it on another website, email it, or otherwise trick a victim into clicking on it. 


Here we will craft XSS attack that take advantage of eval() function. Goal is to trigger 'alert()'document.cookie.


-- Add malicious code



Step by step Guide

1. Enter below code to Digital Access Code field. 




2. XSS successfully injected to the website





Please publish modules in offcanvas position.