XSS with -prompt`1`-

I was looking for xss vulnerabilities in a bitcoin exchange and came across a url like:


I tried the standard cheat sheet to check for vulns in the ‘amount’ parameter, which was being directly displayed in the webpage. But it had heavy WAF of cloudfare and I kept getting a 403 error. Now I modified it as :


Now, I was able to make the content of ‘amount’ columns as -prompt1-. But I can’t make a pop-up appear. Is this page vulnerable to xss? How to exploit it?