I working on a machine right now that requires to exploit XSS vulnerability
Its working with <img src=
This is the payload that im using
Can some one explain to me how the netcat is getting executed here if im loading and image?
Also i have tried to do it with
but it did not work, i could see the request on my machine.
Also it is possible to execute the same payload as <img src= but with <script?
Sorry for this NOOB question, im just trying to understand the logic behind it.