The question is: What was the parameter that attacked?
I’m unsure what it is asking for. I tried using the hint ( Get unstuck?) and that didn’t shed any light. Maybe it’s because I don’t know all the different types of parameters that can be used for an attack in an open re-direction. Any help is appreciated.
In a access.log file go over to those GET requests that have the encoded characters after the parameter that’s the parameter the question is asking for, and match it with the hint (Get unstuck?), hopefully this helps.
After reading your reply and many thanks, it dawned on me and I was overlooking the answer. Completed and moving on.
Glad to know this helps.