Cross-site scripting – Reflected XSS into HTML context with most tags and attributes blocked | PortSwigger Lab Note #1

target： Lab URL: https://portswigger.net/web-security/cross-site-scripting/contexts/lab-html-context-with-most-tags-and-attributes-blocked Tools Used: browser Burp suite Vulnerability Summary： Type: Reflected Cross-site scripting Description: Steps to Exploit： 1.Input <> to determine whether angle brackets are filtered by the application. 2.Input <script> to check whether this tag is filtered by the WAF. 3.Use the XSS cheat sheet and Burp Intruder to identify which HTML tags are allowed by the filter. 4.Use Intruder again to test which attributes can be used with the allowed tags. 5.Find a way to exploit the XSS vulnerability using the permitted tags and attributes, and craft a working payload. 6.Create a malicious URL and send it to the victim so that the server responds with a hidden script that triggers the exploit. Remediation： Use parameterized queries / prepared statements Use server‑side input validation Escape and sanitize user input Lessons Learned： This lab demonstrates that