Yeah I think there is potential to exploit, but not a clear XSS cause the iframe is in a sandbox.
It’s nitpicking though, I say award the XSS badge.
Yeah I think there is potential to exploit, but not a clear XSS cause the iframe is in a sandbox.
It’s nitpicking though, I say award the XSS badge.