9Şub
When we url encode (") will become (%22), is there any way we can decode (")?
While studying the XSS vulnerability, I encountered a significant doubt. I noticed that when we include "
in a URL, it gets encoded as %22
. Therefore, I believe we can utilize the decoded version of "
, ensuring it remains as "
even after URL encoding. Please correct me if I'm mistaken.