Use the ?title=payload parameter in the URL to inject a reflected payload in the page title.
Objective: Execute JavaScript by manipulating the title parameter.
Hint: The title is reflected directly without any filtering. Try simple script tags.

Use the ?input-2=payload parameter to inject a reflected value inside an input field.
Objective: Break out of the input field attribute context to execute JavaScript.
Hint: The value is reflected in an HTML attribute. Try closing the attribute and adding event handlers.

Use the ?input-3=payload parameter to inject a reflected value with < and > characters removed.
Objective: Find a way to execute JavaScript without using angle brackets.
Hint: Angle brackets are filtered but other special characters aren't. Try event handlers or JavaScript URIs.

Use the ?input-4=payload parameter to inject a reflected value (limited to 20 characters).
Objective: Craft a working XSS payload under 20 characters.
Hint: Short event handlers can work. Example: onfocus=alert(1) autofocus

Use the ?input-5=payload parameter to inject a reflected value (all spaces will be removed).
Objective: Execute JavaScript without using spaces in your payload.
Hint: JavaScript can often work without spaces. Try: onmouseover=alert(1)
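
Why the filters in the input-3 to input-5 challenges leave the attribute context open, as an added example (not the lab's own code): the filter functions, the input markup and the inert data-injected probe are assumptions modelled on the descriptions above. Only encoding the value before it is reflected keeps it inside the attribute.

```javascript
// Models of the filters described above (assumed; not the lab's own code).
const filters = {
  none: (s) => s,                               // input-2: reflected as-is
  stripAngles: (s) => s.replace(/[<>]/g, ""),   // input-3: < and > removed
  limit20: (s) => s.slice(0, 20),               // input-4: 20-character limit
  stripSpaces: (s) => s.replace(/ /g, ""),      // input-5: spaces removed
};

// Output encoding for HTML text and quoted attribute values.
const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
const encodeHtml = (s) => s.replace(/[&<>"']/g, (c) => ENTITIES[c]);

// Assumed markup: the value lands inside a double-quoted attribute.
const reflect = (value) => `<input name="q" value="${value}">`;

// Rough attribute scanner: lists the attribute names present on a single tag.
function attributeNames(tag) {
  const inner = tag.replace(/^<\w+/, "").replace(/>$/, "");
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?/g;
  return [...inner.matchAll(re)].map((m) => m[1].toLowerCase());
}

// Attributes that appear on the tag but were not written by the template.
function injectedAttributes(transform, input) {
  return attributeNames(reflect(transform(input)))
    .filter((n) => n !== "name" && n !== "value");
}

// Constructed, inert probe: tries to add a harmless data- attribute.
const PROBE = 'x" data-injected="1';

// Every filter still lets the probe add an attribute; encoding does not.
for (const [name, f] of Object.entries(filters)) {
  console.log(name.padEnd(12), injectedAttributes(f, PROBE));
}
console.log("encodeHtml".padEnd(12), injectedAttributes(encodeHtml, PROBE));
```

The same encodeHtml call covers the title case, since it turns < and > into entities before the value reaches the page.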