This is a PoC to demonstrate a postMessage vulnerability on .
postMessage
window.open
Any postMessage data sent back to this page will be printed below: