XSS in a href with target=_blank
I have found out that in most browsers the following code won’t execute:
<a href="javascript:alert(1)" target=_blank>click</a>
But the same code without blank will.
My question is, is it possible to exploit an XSS in… Continue reading XSS in a href with target=_blank