This website embeds the Gartner Peer Insights widget in various ways. It is intended to be an intentionally "pwnable" site. For more information see the writeup titled "Gartner Peer Insights widget - postMessage DOM XSS vulnerability".
The pages listed below incorporate various versions of the Gartner Peer Insights widget.
- demo1.html - Sources a vendored copy of the Gartner Peer Insights widget source code, taken before 19 December 2022. This is before Gartner had patched the reported issue.
- demo2.html - Sources a vendored copy of the Gartner Peer Insights widget source code, taken between 19 December 2022 and 14 Jan 2023. This is as of when Gartner had tactically fixed the issue, preventing exploitation from websites other than *.gartner.com.
- demo3.html - Sources a vendored copy of the Gartner Peer Insights widget source code, taken between 14 January 2023 and 26 January 2023. This is as of when Gartner had attempted to fix the issue, preventing exploitation from websites other than four specific gartner.com websites and requiring a sanitisation bypass.
- demo4.html - Sources a vendored copy of the Gartner Peer Insights widget source code, taken after 2 February 2023. This is as of when Gartner had issued a final fix, improving the sanitisation.
- demo-live.html - Sources a live copy of the current Gartner Peer Insights widget source code straight from gartner.com (identical to demo4.html as of the time of writing).
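The fixes above move from a suffix rule (any *.gartner.com site) to an exact allowlist of a few origins, plus sanitisation of what the message carries. As an added example, not the widget's or Gartner's code, here are both origin checks side by side and a handler that writes the received payload as text rather than markup; the allowlist entries are placeholders, since this page does not name the four sites.

```javascript
// Added example: not the Gartner Peer Insights widget's code.
// Exact-origin allowlist. PLACEHOLDER entries: the page does not name the
// four gartner.com sites the January 2023 fix allowed.
const ALLOWED_ORIGINS = new Set([
  "https://www.gartner.com",           // placeholder
  "https://peerinsights.gartner.com",  // placeholder
]);

// Suffix-style rule in the spirit of "any *.gartner.com site": every
// subdomain passes, so any page hosted under that domain can drive the widget.
function isGartnerSubdomain(origin) {
  let host;
  try { host = new URL(origin).hostname; } catch (e) { return false; }
  return host === "gartner.com" || host.endsWith(".gartner.com");
}

// Exact match on the full origin string (scheme + host + port).
function isAllowedOrigin(origin) {
  return ALLOWED_ORIGINS.has(origin);
}

// Message handler: drop anything not from an allowed origin, validate the
// message shape, then write the payload with textContent so it is never
// parsed as HTML. Returns true only when the sink was updated.
function handleWidgetMessage(event, target) {
  if (!isAllowedOrigin(event.origin)) return false;
  if (typeof event.data !== "object" || event.data === null) return false;
  const { action, payload } = event.data;
  if (action !== "setTitle" || typeof payload !== "string") return false;
  target.textContent = payload; // constructed sink; markup stays literal text
  return true;
}

// Constructed sample events (no browser needed) showing the two outcomes.
function demo() {
  const sink = { textContent: "" };
  const fromElsewhere = { origin: "https://other.example",
                          data: { action: "setTitle", payload: "<b>x</b>" } };
  const fromAllowed = { origin: "https://www.gartner.com",
                        data: { action: "setTitle", payload: "<b>hi</b>" } };
  const rejected = handleWidgetMessage(fromElsewhere, sink); // false
  const accepted = handleWidgetMessage(fromAllowed, sink);   // true
  return { rejected, accepted, text: sink.textContent };     // text: "<b>hi</b>"
}
```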