Skip to main content

Exploiting XSS to bypass CSRF defenses

$ tldr PortSwigger · Cross-Site Scripting (XSS)

Solve the lab

Resources by skill

Cross-Site Scripting (XSS) · CSRF (Cross-Site Request Forgery)

Comments & tips

Solved this lab a different way? Share it here — comments live in GitHub Discussions.
Last updated: 2026-06-07