Hi guys. I want to ask you to confirm or refuse my assumptions for this lvl
I notice two things :
CONTACT form shows the Name and Mess. text after. I would assume XSS may be here.
I have almost no exp. in this type of attacks, but I’ve tryied to post code into both of fields - no reaction.
The algorithmI think about is to steal the login cookies by XSS and try to login using them.