N/A

Go to the challenge

Rules:

• Please do NOT reveal the solution until the challenge is over! After that, feel free to send us your videos / writeups and we'll share them. If you'd like to have your writeup qualify for the contest, send it in before Wednesday!
• This challenge runs from Monday the 8th of April until Monday the 15th of April, 11:59 PM UTC..
• Out of all correct submissions, we will announce seven winners on Tuesday, the 16th of April: (3 randomly drawn, 3 best write-ups, 1 first blood)
• First blood will receive a €100 swag voucher for our swag shop.
• Every randomly drawn winner and best writeup winner gets a €50 swag voucher for our swag shop.
• The winners will be announced on our Twitter profile.
• For every 100 likes, we'll add a tip to the announcement tweet.
• Join our Discord server to discuss the challenge!

The solution...

• Should work on the latest version of Chrome (Firefox not required).
• Should execute alert(document.domain).
• Should leverage a cross site scripting vulnerability on this domain.
• Shouldn't be self-XSS or related to MiTM attacks.
• Should be reported at go.intigriti.com/submit-solution.
• Should require no user interaction.

For the writeup content, make sure to add a (hidden) link to your writeup in the report or comments before the challenge has ended!

If you wish to get @'ed on Twitter, link your Twitter with your Intigriti profile!

N/A

Please submit as medium.

N/A