XSS with json_encode

Hello my Friends,

this time in english 😉

Even though json_encode does not allow slashes – so you cant use javascript tags here.

Now the question is -> can i make xss Nevertheless json_encode?

YES YOU CAN! – Just pass the following for XSS a json_encode encoded string:


Now it works very well as you see 😉