# 0326: ThreatCenter | Name | Authors | Category | | ----------------------------------------------------------------------- | ------------------------------------ | ------------------------------------------ | | [Intigriti March Challenge (2026)](https://challenge-0326.intigriti.io) | [Kulindu](https://x.com/KulinduKodi) | DOM Clobbering, CSP Bypass, Blind XSS, XSS | ## Challenge Description > Find a way to capture the flag and win Intigriti swag! 🏆 ## Solution (official write-up from Intigriti) Read it [here](https://www.intigriti.com/researchers/blog/hacking-tools/0326-ctf-challenge-exploiting-dom-clobbering-csp-xss) ## Community Writeups 1. [err0n](https://github.com/Er01vkc/write-ups/blob/main/Web/challenge-0326/writeup.md) 2. [race\_condition](https://0xglss.medium.com/from-html-injection-to-cookie-exfiltration-via-dom-clobbering-and-jsonp-intigriti-challenge-0326-12c6057cc871) 3. [l9ja3xma](https://medium.com/@malanewar/intigritis-march-2026-xss-challenge-7183f5edbc56) 4. [zar](https://github.com/Franc-Zar/CTFsWriteups/blob/main/intigriti%2Fmarch-challenge-0326%2FREADME.md) 5. [dhiyaneshwaran](https://neo.projectdiscovery.io/share/b2538ca8-4080-4493-bc0b-ca14fd41b28a) 6. [d4ndr3w](https://giuseppedandrea.it/posts/intigriti-challenge-0326/) 7. [p0psec](https://hackmd.io/join/note/0LfAI7a_zf) 8. [oxalis](https://medium.com/@oxal1s/mxss-sometimes-the-most-purified-environments-are-the-ones-most-prone-to-mutation-b30f55b3188e) 9. [00whitehat00](https://medium.com/@mah3sec/how-i-stole-the-admins-cookie-intigriti-challenge-0326-5a503902d9a0) 10. [fs0c137y](https://blog.pradeepbhattarai.me/preview/69bec2b74a1e513e41091e36) 11. [evilgenius01](https://sujaltuladhar.com.np/blog/Intigriti_March_2026_XSS_Challenge) 12. [destrudo](https://destrudo.hashnode.dev/intig-1212otts-threatcentr) 13. [cl4nd3st1ne](https://cl4nd3st1ne.gitbook.io/write-ups/intigriti-challenges/challenge-0326-write-up) 14. [fjordsec](https://gist.github.com/fjordsec/ff0f124f6a6945628125e0bd78f67d3d) 15. [r0m1l](https://romil-cyber-security.gitbook.io/intigriti-march-challenge-0326/eCAprVjcaFIWz3d7nO9a/) 16. [rawsid1106](https://siddheshphapale.live/bug-bounty-ctf/intigriti-0326.html) 17. [dr4g0n369](https://gist.github.com/dr4g0n369/046d4dddf8da7f2c8c0df0112c83a034) 18. [mrunal](https://chawdamrunal.medium.com/intigriti-march-2026-xss-challenge-writeup-chaining-3-bypasses-to-steal-admin-cookies-4e1910864582?source=friends_link\&sk=f83678bd5755bf3e8c3b5562594887e9) 19. [jumapeter736](https://medium.com/@jumapeter736/xss-via-dom-clobbering-jsonp-abuse-dompurify-misconfiguration-aed82b088730)