Embedding untrusted HTML XSS+ challenge

Where this came from – skip to the end for the challenge if you do not care 🙂 During the OWTF workshop at BSides Vienna the interaction with the audience was great. For the purpose of this blog post the conversation on embedding HTML input from an untrusted source developed as follows: – Olaf first asked …