XSS Reflected

index.php
<!DOCTYPE html>
<html>
<head>
    <title>XSS - Raphgui</title>
</head>
<body>
    <h1>What is XSS ?</h1>

    <?php
    $commentaire = $_POST['commentaire'] ?? '';
    echo "<p>XSS : $commentaire</p>";


    $cookieName = "FLAG";
    $cookieValue = "XSS_Is_Easy";
    $expirationDate = time() + (30 * 24 * 60 * 60);
    setcookie($cookieName, $cookieValue, $expirationDate, '/');
    ?>

    <h2>Your XSS :</h2>
    <form method="post" action="">
        <textarea name="commentaire" rows="4" cols="50"></textarea>
        <br>
        <input type="submit" value="Soumettre">
    </form>
</body>
</html>

payload :

Last updated