Are there any other available hints for this? I know where I think to pull more strings but so far no success and I don't want to give too much away on this forum. Is it possible to PM regarding this?
I'm not sure what you mean by "pull more strings" exactly, but just a note that this is not a SQL or XSS injection vulnerability, and this challenge is solvable using just the developer tools in your browser. If you need any more hints you can PM me.