|
|
|
|
|
|
by penguindev
4402 days ago
|
|
|
Is there more than way to attack level 3? SPOILER: I used the " html += "<img src='/static/level3/cloud" + num + ".jpg' />";
" untrusted injection, but after reading the hints it seems to be suggesting window.location and the postmessage to parent stuff. |
|
|