XSS attack in javascript

XSS attack in javascript
0

#1

when you have translated the double quotation marks and double angles bracket, how can I attack when your input is the img src?


#2

I’m not sure what you mean. Do you mean if there is an input field on the page that is supposed to take a URL that will be used as the source for an image? Like injecting something along the lines of:
<IMG SRC="javascript:alert('XSS');">
into an image?