Cross-site scripting is a classic well-known type of attack that is possible because some software applications take user input in an insecure way. This happens via search fields, survey forms, cookies, and online web forms.
Types → Reflected XSS, Stored XSS, and DOM XSS.
'-alert(document.location="http://www.bing.com")-' | (301 Moved Permanently)
Here comes the POC
Thanks for reading! I hope this helps,
happy learning buddies! 🙂