PLAYER: player1 | XP: 500 | LEVEL: 4
MISSION 2 — CROSS-SITE SCRIPTING (XSS) & UNSANITIZED INPUT
Real-World Scenario:
Websites often display user input, like search results or comments.
If input is not sanitized, attackers can inject malicious code.
Example attack:
<script>stealCookies()</script>
This could steal user session data or redirect victims.
OWASP Reference:
This is a Cross-Site Scripting (XSS) vulnerability, part of the OWASP Top 10.
Start Simulation