XSS/HTMLi: Universal Browser Edition


At the end of successfully completing this challenges series, you will be able to:


Well, it is a usual argument from developers that XSS does not work on all browsers as Internet Explorer, Safari, Mobile Opera and Samsung browsers protect XSS. When you attempt to crack this series, any simple payload will always bypass browser XSS protection. Chrome ditched its 9-year old XSS filter on Aug 2019.

How to start:
Click on your desired challenge from the left navigation panel.