writeups.xyz
/
Brian Hyde (@0xHyde)
Title
Vulnerabilities
Programs
Authors
Frappé Technologies ERPNext Server Side Template Injection
SSTI
ERPNext
Brian Hyde (@0xHyde)
Yahoo — Two XSSi vulnerabilities chained to steal user information. ($750 Bounty)
XSSI
Yahoo! / Verizon Media
Brian Hyde (@0xHyde)
Bug Bounty: Fastmail
Blind SSRF
Blind XXE
Fastmail
Brian Hyde (@0xHyde)
Phishing with history.back() open redirect
Open Redirect
Undisclosed
Brian Hyde (@0xHyde)
Page 1 of 1
writeups.xyz
/
Brian Hyde (@0xHyde)