Challenges do NOT require any bruteforcing/directory fuzzing/massive amounts of traffic unless clearly specified in the challenge information below.
This one is pretty simple. One parameter is vulnerable, ?url=. Can you get XSS to execute?
Please login or register to start this challenge.
You need to be logged in to view challenge solutions.