Thông tin
<script> const params = new URLSearchParams(window.location.search); const name = params.get("name"); if (name) { // DỄ BỊ XSS (innerHTML) document.getElementById("output").innerHTML = "Xin chào " + name; } </script>
<script> const params = new URLSearchParams(window.location.search); const name = params.get("name"); if (name) { // DỄ BỊ XSS (innerHTML) document.getElementById("output").innerHTML = "Xin chào " + name; } </script>