Cross-site-Scripting payloads can be placed on the username field: **payload inserted:**  **payload executed (after payload inserted):**  **payload executed (on victim's browser**  for reference see: - https://vulnerabilities.teammentor.net/article/Cross_Site_Scripting_Attack - https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) - http://beefproject.com/
Cross-site-Scripting payloads can be placed on the username field:
payload inserted:
payload executed (after payload inserted):
payload executed (on victim's browser
for reference see: