The alert(“XSS”)
testing https://news.ycombinator.com/item?id=34759951
6 comments
Seems like it is fixed in a weird way.
<marquee>alert("XSS")</marquee>
<marquee>alert("XSS")</marquee>
test comment
I'd be surprised if HN were vulnerable to XSS attacks.
I would too, but https://news.ycombinator.com/item?id=34759951 suggests otherwise.
sorry for spam @dang
This is bad. I think the only reason it didn't work here is that you used smart quotes instead of straight quotes.
Edit: It's completely fixed now.
Edit: It's completely fixed now.