Im learning about XSS and I found I can inject code in this tag a few days ago.
Tag:
<div id="pagenotfound" title='Cannot find /it/search/testtesttesttetst'onload=alert(1)'>
My payload:
/testtesttesttetst'onload=alert(1)
URL: /it/search//testtesttesttetst’onload=alert(1)
I have locked < > ” & % and many more characters (When I put ‘ automatically becomes this ‘ )(The last ‘ already comes with the page). So, is possible to inject any type of XSS payload in this website?
Thank you all for the help.
