Note: “RCE_” is not a part of the payload, it is only used to look up reflected text. …
In this writeup, I am going to explain my approach to solving the Wacky XSS Challenge. The challenge is primarily about bypassing Content Security Policy (CSP) and exploiting DOM Clobbering, both made possible by insecure coding practices.
Here is what the challenge page looks like:
Make Whacky! button, I noticed a GET request being made to the /frame.html page along with a query parameter called