Try XSS to break out of a rut

I'm again stealing a tip from David Christiansen (he's on a roll lately). Checkout his post on using cross-site scripting to get out of a testing rut. From the post:
<script>alert("f")</script>

Paste it in every field.

If an alert pops up OR the field gets saved and then gets rendered without the script tags, you’ve found a cross-site scripting vulnerability.





As a side note, in a very funny turn of events, when I originally wrote this blog post I was rewarded with the following...

xss_error