makes me slyly wonder if we are opening up the site to attack is this api vetted is there a chance of an ssrf attack or persistent xss?
[(https://www.hackthebox.eu/badge/21713)] (https://www.hackthebox.eu/home/users/profile/21713)
DONE
Test
Not sure why mine’s not working but it’s annoying me
test
test
test
test
test
Thanks bro!
test
test 2
test 3 ?
This can be done with basic html as well. < a href > < img src = > < /a >