I’m conducting a test for educational purposes. I have form which gets the name and last name and stores in in a Database. if I enter a malicious code in the inputs, the code also stores in the Database without any problem. How do make my form vulnerable to XSS Attack?
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title>User Form</title>
</head>
<body>
<h1>Enter User Information</h1>
<!-- Display the success/failure message -->
<!--<div th:if="${message}" style="color: green; margin-bottom: 10px;" th:text="${message}"></div>-->
<div th:if="${message}" style="color: green; margin-bottom: 10px;" th:utext="${message}"></div>
<!-- Form for entering user information -->
<form action="/user-form/save" method="post">
<label for="firstName">First Name:</label>
<input type="text" id="firstName" name="firstName" required>
<br>
<label for="lastName">Last Name:</label>
<input type="text" id="lastName" name="lastName" required>
<br>
<button type="submit">Save</button>
</form>
</body>
</html>