Update: Got a mail from snapdeal security team, and this vulnerability has been fixed.
';return obj;})();var str='ale'+'rt("'+'XSS ;-)")';eval(str);</script>
This pattern has mainly three parts:
Second part (in red), is just a concatenated string alert(“XSS ;-)”) stored in a variable called str. I concatenated the string because of the constraint mentioned in the first paragraph.
To further read about how a XSS vulnerability can be exploited, go through my two posts mentioned below.