writeups.xyz / Mizu (@Kevin_mizu)

Title	Vulnerabilities	Programs	Authors
Playing with DOMPurify custom elements handling	Mutation XSS Filter Bypass	DOMPurify	Mizu (@Kevin_mizu)
Linux local electron application script-src: self bypass	Electron CSP Bypass XSS RCE	Undisclosed	Mizu (@Kevin_mizu)
Abusing Client-Side Desync on Werkzeug	Client-Side Desync Attack HTTP Request Smuggling Account Takeover Open Redirect XSS	Werzeug	Mizu (@Kevin_mizu)
EJS - Server Side Prototype Pollution gadgets to RCE	Server-Side Prototype Pollution RCE Security Code Review	Node.js Third-Party Modules (EJS)	Mizu (@Kevin_mizu)
How I was able to rick roll every users on root-me.org	XSS	Root-Me	Mizu (@Kevin_mizu)

Page 1 of 1