Skip to main content

Yadhu's Blog

Tag: XSS

A tale of HTML Injection to Account takedown at

# About Exercism Exercism is an online platform that helps people upskill their programming skills through practice and mentoring. They are an open-source organization with over 200 GitHub repositories, thousands of contributors, and a friendly, inclusive community. I came to know about the platform in 2018 when my mentor - Vipin Pavithran asked me to improve my coding skills by practicing on Exercism. Exercism is an amazing platform to learn to code.

Exploiting Client-side Prototype Pollution - arg.js

First of all, a big shoutout to the challenge author. All the challenges in this set are available here. ## Analysis Going through the challenge source, we can see that two JavaScript files are imported. 1 2 <script src=""></script> <script src="js/main.js"></script> arg-1.4.js is a popular library for parsing URL parameters. And main.js has the following content. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 let data = { small: "Hi, there!