Challenge 8: XSS Filter Bypass
This page has a comment box with a simple filter. Your goal: inject JavaScript to set window.foundFlag = true; and reveal the flag!
Comments:
Hints
Flag format: stemCTF{...}
🔍 Learning objective: Learn about XSS vulnerabilities and how filters can be bypassed in the browser.