Spot the bug: Bad Escape
2023 Jul 19 #securityHi! I wrote some Excellent Javascript that lets you change an image based on the funny little characters you type in the box at the bottom. I’ve vaguely heard of XSS, so I know that I should escape the characters, so I copied the escaping rules from Tera.
Namely, replacing &
, <
, >
, "
, \``, and
/` with their associated HTML entities.
Your task is to call submitFlag
with the string value <>
. If you succeed,
I will alert
a fun message for you :)