SekaiCTF-2022 WEB
题目作者: 未知
一 血: admin889
一血奖励: 0金币
解 决: 1
提 示:
描 述: Some tips to guide your way: - mathjs is part of the solution, but only a tiny part. there is no mathjs 0day, you won't get JS execution through mathjs! - hm, why isn't DOMPurify used by default? maybe you should look into differences between DOMPurify and Sanitizer API... - the intended solution does not require you to find any 0days. Every CTF has one, here's your obligatory calculator web challenge!