HACKR.GG
XSS · Easy

The Comment Box

Zeddit renders comments as raw HTML with no sanitisation. Inject a payload that executes JavaScript in any visitor's browser. The session cookie is your target.
