Hello dear xss'er. Your xss should be in 'sudo.co.il' context.

Payload from level12 may work, depends on payload.

This untrusted content loaded from untrusted.sudo.co.il