Use this page to craft and send postMessage payloads to the vulnerable StatusHub widget.
window.addEventListener('message', function(event) {
var data;
try {
data = typeof event.data === 'string' ? JSON.parse(event.data) : event.data;
} catch(e) {
return;
}
if (!data || !data.type) return;
if (data.type === 'STATUS_UPDATE') {
widgetContent.innerHTML = data.content;
} else if (data.type === 'METRIC_PUSH') {
console.log('[StatusHub] Metric received:', data.metric, data.value);
} else if (data.type === 'THEME_CHANGE') {
document.body.setAttribute('data-theme', data.theme || 'dark');
}
});