writeups.xyz / How we escalated a DOM XSS to a sophisticated 1-click Account Takeover for $8000 - Part 1

Submitter : c2a

Date: 6 April 2024

Bounty : 8,000

Vulnerabilities :

• DOM XSS
• Account Takeover
• OAuth

Programs :

• Undisclosed

Authors :

• Benasin (@Benasin3)
• LongTheShrimp (@LongShrimp0812)

Link :
https://thefrogsec.github.io/2024/04/06/How-we-escalated-a-DOM-XSS-to-a-sophisticated-1-click-Account-Takeover-for-8000-Part-1/