Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. In a SaaS platform like Sentry, XSS vulnerabilities can be used to compromise user accounts or entire organizations. Learn more about XSS impact in Sentry
Don't worry though, here you can learn about XSS without the scary parts.
In this set of challenges, your goal is to trigger an alert that reflects back the cookies of a visitor by executing alert(document.cookie).
If you believe you achieved XSS on a particular page, press the "Check XSS" button and provide the URL. Our headless browser will visit your URL, and if the XSS is successful, the challenge will be marked as solved.
| Rank | Player | Solves |
|---|
Enter the URL to check for XSS vulnerabilities. You can modify the path if your exploit works on a different endpoint.
This may take a few seconds...