Add example to xss vulnerabilities

4 years ago · a05dc82658
parent 99b4ad133d
commit a05dc82658
1 changed files with 1 additions and 0 deletions
--- a/_posts/2020-04-25-xss.md
+++ b/_posts/2020-04-25-xss.md
@ -72,6 +72,7 @@ but they would show up to a user as `<`.

 When inputs are not properly sanitized *and* the input is shown to the user in another part of the website,
 then a malicous user can type in HTML that will run whenever anybody tries to look at what they typed.
+For example: a name for a quiz website (input) and the leaderboard for said quiz (display).

 HTML, by itself is not very dangerous.
 The worst thing you could do is probably put a link on your name,