Osama Avvan (@Osamaavvan)

Title	Vulnerabilities	Programs	Authors
Unauthenticated GraphQL Introspection and API calls	GraphQL Missing Authentication	Undisclosed	Osama Avvan (@Osamaavvan)
Exploiting WebSocket [Application Wide XSS / CSRF]	XSS CSRF	Undisclosed	Osama Avvan (@Osamaavvan)
Exploiting JSONP and Bypassing Referer Check	Information Disclosure JSONP	Undisclosed	Osama Avvan (@Osamaavvan)
CORS To CSRF Attack	CORS Misconfiguration CSRF	Undisclosed	Osama Avvan (@Osamaavvan)
$1800 worth Clickjacking	Clickjacking	Undisclosed	Osama Avvan (@Osamaavvan)
Account Takeover with Clickjacking	Clickjacking	Undisclosed	Osama Avvan (@Osamaavvan)
Bypassing XSS filter and Stealing User Payment Data	XSS	Undisclosed	Osama Avvan (@Osamaavvan)
Stealing Cookies to Login in any Account	Cookie Theft	Undisclosed	Osama Avvan (@Osamaavvan)

Page 1 of 1