Y
Hacker News
new
|
ask
|
show
|
jobs
by
cujanovic
3147 days ago
This is vulnerable to XSS, payload: [Click Me](javascript:this;alert(document.domain))
1 comments
stevekemp
3147 days ago
Or even the more naive "<script>alert(3)</script>" - which was the second thing I tried.
link