Intigriti's January 2025 XSS Challenge
January 16, 2025
Belgian ethical hacking platform Intigriti hosted a new XSS (Cross Site Scripting) challenge in January 2025.
- I uploaded a PDF containing my writeup that can be read below or downloaded here: PDF
The challenge was build around a discrepancy in 2 JavaScript functions. One function doing XSS sanitization was not taking a complete web URL into account while the developer made the mistake to create a second function that allows user input coming from anywhere within the web URL.
Embedded writeup PDF:
Latest Posts
- January XSS Challenge 2025 - Intigriti August CTF Challenge 2024 - Intigriti June XSS Challenge 2023 - Intigriti April CTF Challenge 2023 - Intigriti December XSS Challenge 2022 - Intigriti July XSS Challenge 2022 - Intigriti March XSS Challenge 2022 - Intigriti April XSS Challenge 2022 - Intigriti January XSS Challenge 2022 - Intigriti December XSS Challenge 2021 - Intigriti October XSS Challenge 2021 - Intigriti September XSS Challenge 2021 - Intigriti May XSS Challenge 2021 - Intigriti March XSS Challenge 2021 - Intigriti November XSS Challenge 2020 - Intigriti May XSS Challenge 2020 - Intigriti KIBA - Try Hack Me