This lab contains a stored cross-site scripting vulnerability in the comment functionality.
To solve this lab, submit a comment that calls the
alert function when the blog post is viewed.
Access to the lab
Click on View post button:
At the bottom of the page, there is a comments section where you can add a message.
We can try to use the comment system to place our payload.
Now access again to the post and a popup will appear.