reflected-xss-example

There are two vulnerabilities:

  1. Reflected XSS in index.vuln.js, line 16 (the `user` route parameter is written into HTML element content without encoding):
/**
 * Intentionally vulnerable demo handler: reflected XSS in an HTML body context.
 *
 * Reads the `user` route parameter and echoes it inside an <h1> element with no
 * output encoding, so markup contained in the parameter is returned to the
 * browser as part of the response body.
 *
 * Remediation (not applied here, because this file is the vulnerable sample):
 * HTML-encode the value for the element-content context before interpolating it
 * (at minimum & < > " '), or render through a template engine that escapes by
 * default. A restrictive Content-Security-Policy is useful defence in depth but
 * does not replace output encoding.
 *
 * NOTE(review): req.params / res.send look like an Express-style handler, where
 * a string body is typically served as HTML; confirm against the app setup.
 *
 * @param {object} req - request; `req.params.user` is attacker-controlled input.
 * @param {object} res - response; the page is written with `res.send`.
 */
const Vulnerability = (req, res) => {
    // Untrusted: taken directly from the URL path segment, never validated.
    const { user } = req.params;

    // Sink: the raw value lands in HTML element content.
    const page = `
        <h1>Hi, ${user}</h1>
    `;

    res.send(page);
};
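  2. Reflected XSS in index.vuln.js, line 25 (the `user` route parameter is written into a JavaScript string inside an inline `<script>` block):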
/**
 * Intentionally vulnerable demo handler: reflected XSS in a script context.
 *
 * Reads the `user` route parameter and interpolates it into a double-quoted
 * JavaScript string literal inside an inline <script> element, with no
 * encoding for either the JavaScript or the HTML layer.
 *
 * Remediation (not applied here, because this file is the vulnerable sample):
 * HTML entity encoding alone is the wrong control for this sink, since the
 * value is parsed first by the HTML parser (script element boundaries) and
 * then by the JavaScript parser (string literal boundaries). Safer patterns:
 *   - serialise the value with JSON.stringify and additionally escape `<`
 *     (for example as \u003c) so it cannot close the script element; or
 *   - avoid inline script data entirely: emit the value HTML-encoded in a
 *     data-* attribute and read it from the DOM in a static script.
 * A Content-Security-Policy that disallows inline scripts is useful defence
 * in depth.
 *
 * @param {object} req - request; `req.params.user` is attacker-controlled input.
 * @param {object} res - response; the page is written with `res.send`.
 */
const Vulnerability2 = (req, res) => {
    // Untrusted: taken directly from the URL path segment, never validated.
    const user = req.params.user;

    // Sink: the raw value lands inside a JS string literal in an inline script.
    const page = `
        <script> var x = "${user}" </script>
    `;

    res.send(page);
};