This challenge is to solve using a csrf + xss + dompurify bypss.

Korean Version : https://pocas.kr/2021/09/26/2021-09-26-DownUnderCTF-2021/#Notepad-473-pts

Original writeup (https://gist.github.com/wjddnjs33/614b73e1f8e180dcf451b1c94e041565#notepad).