PHP

Exploiting Unknown Syntaxes - parse_url

The web application offers an online game where you have to capture the flag and avoid all hidden mines at all costs. Will you be able to capture the flag?

Note: You can solve this challenge by just infecting a host other than localhost, but for a full solution, try popping an alert by exploiting the XSS vulnerability.

Goal

Find a way to infect the application's script tag with your host and exploit a cross-site scripting (XSS) vulnerability to capture the flag.
