# 0523: It’s Fun to Review the E.C.M.A

| Name                                                                  | Authors                               | Category          |
| --------------------------------------------------------------------- | ------------------------------------- | ----------------- |
| [Intigriti May Challenge (2023)](https://challenge-0523.intigriti.io) | [Renwa](https://twitter.com/RenwaX23) | XSS, JS, WAF, API |

## Video Walkthrough

[![XSS via ES6 Reflect API - Solution to May '23 Challenge](https://img.youtube.com/vi/1iQ-oeLFZBs/0.jpg)](https://www.youtube.com/watch?v=1iQ-oeLFZBs)

## Challenge Description

> Find a way to execute arbitrary javascript on the challenge page and win Intigriti swag.

## Useful Resources

* [XSS cheatsheet](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet)
* [ES6: Reflect API](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Reflect)

## Community Writeups

1. [mopasha17](https://mopasha17.medium.com/intigriti-challenge-0523-writeup-496cf3033172)
2. [blank\_cold](https://infosecwriteups.com/xss-intigriti-challenge-dae2dba1cb4c)
3. [lucac94](https://github.com/LucaC94/CTF-solutions/blob/master/Intigriti%20Challenges/Challenge%200523/Intigriti%20May%202023%20challenge-1.pdf)
4. [sekharlee](https://sekharlee.medium.com/xss-intigriti-challenge-solution-a07888a4b99f)