Note: At 02:16, when i say it got executed with Blind XSS and was not executing any kind of Normal XSS. The whole point of trying Blind XSS payload here is because there was some validation of executing javascript with normal xss payloads like alert, prompt, confirm. This anyways dosen't have much impact as the blind xss payload gets executed in self session. But, as there were restrictions on certain normal xss payload that's when i tried wth blind XSS payload, which worked. If you need more clarification, feel free to contact :)
I am so confused 😕 I came across this video pn accident is this a vuleability with Dan or what does this this due to domains on Dan in simple terms, thank you very much