This blog is about how I found my first XSS vulnerability.