XSS DOM Based - Eval

40 Points  0x0

A bad practice ...

Author

Ruulian,  

Level  Difficulty

Validations

3522 Challengers 1%

Note  Notation

1
2
3
4
5
139 Votes

To reach this part of the site please login

solutions 6 Solutions

Display solutions Submit a solution

Challenge Results Challenge Results

Pseudo Challenge Lang Date
GREAT DNG Web - Client  XSS DOM Based - Eval ru 16 January 2026 at 14:40
xarelto Web - Client  XSS DOM Based - Eval fr 16 January 2026 at 11:00
3lm0uk74r13 Web - Client  XSS DOM Based - Eval fr 16 January 2026 at 06:06
rndmsns Web - Client  XSS DOM Based - Eval en 16 January 2026 at 01:00
1bRa2h1m$ Web - Client  XSS DOM Based - Eval en 15 January 2026 at 18:17
jjotogo Web - Client  XSS DOM Based - Eval fr 14 January 2026 at 18:57
MrDiamsProg Web - Client  XSS DOM Based - Eval fr 14 January 2026 at 15:06
Danixel Web - Client  XSS DOM Based - Eval fr 13 January 2026 at 18:41
6499benita@virgilian.com Web - Client  XSS DOM Based - Eval ru 13 January 2026 at 17:37
notak Web - Client  XSS DOM Based - Eval fr 13 January 2026 at 14:39

challenges 42 Challenges

Results Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution Date
pas_valide HTML - disabled buttons 44% 168119 5 Final 10 16 July 2017
pas_valide Javascript - Authentication 46% 175103 5 g0uZ 9 8 October 2006
pas_valide Javascript - Source 44% 165696 5 g0uZ 5 7 October 2006
pas_valide Javascript - Authentication 2 40% 153174 10 na5sim 4 3 February 2011
pas_valide Javascript - Obfuscation 1 38% 144965 10 Hel0ck 10 7 October 2006
pas_valide Javascript - Obfuscation 2 33% 125723 10 Hel0ck 8 3 February 2011
pas_valide Javascript - Native code 25% 92574 15 g0uZ 8 13 March 2011
pas_valide Javascript - Webpack 8% 30500 15 CanardMandarin 3 11 August 2020
pas_valide Javascript - Obfuscation 3 18% 68149 30 Hel0ck 10 4 February 2011
pas_valide XSS - Stored 1 12% 44295 30 g0uZ 10 3 March 2012
pas_valide AST - Deobfuscation 1% 3021 35 mhoste , Lxt3h 2 27 June 2023
pas_valide CSP Bypass - Inline code 2% 6590 35 CanardMandarin 8 27 October 2020
pas_valide CSP Bypass - Nonce 2 1% 823 35 Ruulian 1 27 June 2023
pas_valide CSRF - 0 protection 6% 22261 35 sambecks 8 16 February 2016
pas_valide Web Socket - 0 protection 1% 1035 35 Worty 1 22 October 2021
pas_valide XSS DOM Based - Introduction 2% 7243 35 Ruulian 4 12 August 2021
pas_valide Flash - Authentication 2% 6694 40 koma 1 18 June 2012
pas_valide XSS DOM Based - AngularJS 1% 3133 40 Ruulian 3 12 August 2021
pas_valide XSS DOM Based - Eval 1% 3522 40 Ruulian 6 12 August 2021
pas_valide CSP Bypass - Dangling markup 1% 2046 45 CanardMandarin 1 27 October 2020
pas_valide CSP Bypass - JSONP 1% 1616 45 CanardMandarin 6 27 October 2020
pas_valide CSRF - token bypass 3% 7990 45 sambecks 8 18 February 2016
pas_valide XSS - Reflected 2% 7136 45 pickle 6 16 March 2018
pas_valide CSP Bypass - Dangling markup 2 1% 1706 50 CanardMandarin 1 27 October 2020
pas_valide CSP Bypass - Nonce 1% 1307 50 Ruulian 4 8 April 2022
pas_valide CSS - Exfiltration 1% 781 50 Forgi , gwel 1 8 April 2022
pas_valide Javascript - Obfuscation 4 2% 7380 50 aaSSfxxx 5 18 July 2011
pas_valide Relative Path Overwrite 1% 251 50 Mizu 2 28 July 2023
pas_valide XSS - Stored 2 3% 10323 50 g0uZ 7 4 March 2012
pas_valide XSS DOM Based - Filters Bypass 1% 1800 50 Ruulian 7 12 August 2021
pas_valide Self XSS - DOM Secrets 1% 320 55 Mizu 3 28 July 2023
pas_valide CSPT - The Ruler 1% 128 60 Rolix , Mizu 0 27 September 2024
pas_valide DOM Clobbering 1% 491 60 Mizu 1 8 April 2022
pas_valide Javascript - Obfuscation 6 1% 158 60 n3rada 0 27 April 2023
pas_valide Self XSS - Race Condition 1% 147 60 Mizu 1 28 July 2023
pas_valide Browser - bfcache / disk cache 1% 92 65 Mizu 0 28 July 2023
pas_valide HTTP Response Splitting 1% 2559 70 Arod 3 7 November 2013
pas_valide Javascript - Obfuscation 5 1% 866 70 Hel0ck 3 4 February 2011
pas_valide XS Leaks 1% 214 75 Mizu 1 8 April 2022
pas_valide XSS - Stored - filter bypass 1% 1672 80 Arod , sambecks 8 2 January 2016
pas_valide XSS - DOM Based 1% 909 85 vic 6 24 December 2016
pas_valide Same Origin Method Execution 1% 69 90 Mizu 0 28 July 2023