Today we start a new series of CTF lab solutions. In this case, we start to solve labs from the Burp Suite Academy from portswigger.net
Objective:
This lab contains a simple reflected cross-site scripting vulnerability in the search functionality.
To solve the lab, perform a cross-site scripting attack that calls the alert function.
Solution:
The lab’s URL is always a random series of characters followed by the domain web-security-academy.net
In this case, this is our address:
https://0a4400fd0474beb1c05d5336002300f2.web-security-academy.net/



