function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Ajay Ghuge 6Ajay Ghuge 6 

Issue while completing Simulate a Cross-Site Scripting Attack trailhead

Getting the following issue while solving the Understand Cross-Site Scripting (XSS) trail under Understand Cross-Site Scripting (XSS) Module.

"There was an unhandled exception. Please reference ID: VNEMXUKK. Error: Faraday::ClientError. Message: INVALID_TYPE: select id from cvcs__c where name = 'xbc1' and ^ ERROR at Row:1:Column:16 sObject type 'cvcs__c' is not supported. If you are attempting to use a custom object, be sure to append the '__c' after the entity name. Please reference your WSDL or the describe call for the appropriate names."

The cvcs__c is a custom setting.
 
Best Answer chosen by Ajay Ghuge 6
Jeff DouglasJeff Douglas
It looks like you are not connected to the Kingdom Management developer org since the assessment can't find one of the custom objects. Make sure you using that org. These instructions may help:

https://www.youtube.com/watch?v=1rKrBR5qbTg

Jeff Douglas
Trailhead Developer Advocate

All Answers

Jeff DouglasJeff Douglas
It looks like you are not connected to the Kingdom Management developer org since the assessment can't find one of the custom objects. Make sure you using that org. These instructions may help:

https://www.youtube.com/watch?v=1rKrBR5qbTg

Jeff Douglas
Trailhead Developer Advocate
This was selected as the best answer
Ajay Ghuge 6Ajay Ghuge 6
Thanks Jeff !!! Able to complete the trail !!!! 
Ram SRam S
Hi Jeff,

I am using this string "<a onmouseover="alert('hello')"> Hi </a>" as input string, but i am not getting result.
do i need to make changes in code as well i am not sure, can u please help me on this issue.
i am new to SFDC development.

Thanks,
Ram 
Nachiket Deshpande 33Nachiket Deshpande 33
Use Following :
<a onmouseover="alert(\'Alert Message!!\');"> HTML Text </a>

It will work for.

Thanks,
Nachiket
Pavlo ShchurPavlo Shchur
<a> vulnarable text </a>
<img src=x onmouseover="alert(\'Reflected XSS\');"></img>

 
NISHANT HARSHNISHANT HARSH
Thanks Nachiket and Pavlo,

The answer helped me.
Can anyone help me understand why have we used /'  inside alert. I mean how is it making any difference when we are using alert inside onmouseover?

Thanks,
Nishant
Devender Baghel 8Devender Baghel 8
You can resolve this issue by using below code in XSS attack box

<A onmouseover="alert('Here!')" href="">hello</A>