welcome to this challange
main objective is to use a xss with 0 click to steal the "flag" from the /data.php page.
it has to be a realistic exploit so no Inspect Element.
difficulty "medium"
flag location
First name: