DOM XSS in innerHTML Sink: Bypassing a Dead-End Tag With
Why the “obvious” payload fails on an innerHTML sink, and what actually pops the alert. Continue reading on Medium » <img src="https://cdn-images-1.medium.com/max/1536/1*_nGNsE4wNTwMqiSibS7s-A.png" title="DOM XSS in innerHTML Sink: Bypassing a Dead-End…