some things I don't understand about the challenge

I found an xss and use payload with flow, go to /whoami then extrect flag message but i always receive an "guest" message, im stuck at that step.

#web

작성자 정보

자기소개

아직 자기소개가 없습니다.

베트남 🇻🇳

2004

답변 1

It is better to use XSS in another way, rather than changing the flow directly to /whoami.

2025.08.01. 16:24