This environment contains intentionally vulnerable code for educational purposes. Practice here before testing real-world applications with authorization.
XSS (Cross-Site Scripting)
Test for Cross-Site Scripting vulnerabilities by injecting malicious scripts
What is this?
XSS allows attackers to inject malicious scripts into web applications. Try entering a simple script tag to see how it's reflected.
Test Your Payload
Tips & Hints
Common Payloads
<script>alert("XSS Vulnerability")</script>Learning Path
Start with basic payloads, understand how they work, then try variations to see what gets through.
Important
Only use these techniques on systems you own or have explicit permission to test. Unauthorized testing is illegal.