LIQRGV/poc.html

## poc.html
<html>
    <head>
        <script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
    </head>
    <body>
        <div id="target"></div>
        <script>
            const malPayload = "<script>alert('1337')<\/script>";

            // current code
            //const childNode = "<div>Payload: " + malPayload + "<\/div>";
            //$('#target').html(childNode);


            //proposed code
            const childNode = document.createElement('div');
            childNode.innerText = "<div>Payload: " + malPayload + "<\/div>";
            document.querySelector('#target').appendChild(childNode);

        </script>
    </body>
</html>
	<html>
	<head>
	<script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
	</head>
	<body>
	<div id="target"></div>
	<script>
	const malPayload = "<script>alert('1337')<\/script>";

	// current code
	//const childNode = "<div>Payload: " + malPayload + "<\/div>";
	//$('#target').html(childNode);


	//proposed code
	const childNode = document.createElement('div');
	childNode.innerText = "<div>Payload: " + malPayload + "<\/div>";
	document.querySelector('#target').appendChild(childNode);

	</script>
	</body>
	</html>