Read Document Content from a Vulnerable Website via Script Tag Injection in an XSS Payload

InstructorMike Sherov

Share this video with your friends

Send Tweet

In this lesson, you will learn how to exploit an XSS vulnerability to read the contents of the page body from a vulnerable site, this time by loading up a script from their attacking domain instead of inlining the javascript, using an attack known as Remote Script Tag Injection. This attack will succeed because in the previous lesson, we only blocked inline scripts from executing. We'll solve this problem in our next lesson!