The <script>alert(“XSS”)</script> 4 points by sotrue5 3y ago ↗ HN testing https://news.ycombinator.com/item?id=34759951
[–] WantonQuantum 3y ago ↗ I'd be surprised if HN were vulnerable to XSS attacks. [–] sotrue5 3y ago ↗ I would too, but https://news.ycombinator.com/item?id=34759951 suggests otherwise.
[–] sotrue5 3y ago ↗ I would too, but https://news.ycombinator.com/item?id=34759951 suggests otherwise.
[–] josephcsible 3y ago ↗ This is bad. I think the only reason it didn't work here is that you used smart quotes instead of straight quotes.Edit: It's completely fixed now.
6 comments
[ 3.0 ms ] story [ 30.7 ms ] threadEdit: It's completely fixed now.
<marquee>alert("XSS")</marquee>