Hi I've been playing around with XSS payloads. The code on the site I'm testing filters out <script></script>, but when I guessed, and used <<script>script><</script>/script> it works. This has exposed my misconceptions about how the filtering is done. Can someone...