DOM XSS only works when I enter a command in the console [closed]
I think I have a working DOM XSS attack, but it only works when I run this command in the console:
document.write("<OPTION value=1>"+decodeURIComponent(document.location.href.substring(document.location.href.indexOf("… Continue reading DOM XSS only works when I enter a command in the console [closed]