Alibaba | writeups.xyz

Title	Vulnerabilities	Programs	Authors
GitHub Actions Exploitation: Repo Jacking And Environment Manipulation	Repojacking Supply Chain Attack	Microsoft (Azure) Swagger Google (Firebase) Alibaba	Hugo Vincent (@Hugow_vincent)
#BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services	Cloud RCE Container Escape Kubernetes Privilege Escalation Lateral Movement Supply Chain Attack Cross-Tenant Vulnerability	Alibaba	Ronen Shustin (@Ronenshh) Shir Tamari (@Shirtamari)
Stored XSS in message.alibaba.com ($2,000)	Stored XSS	Alibaba	R Ando (@Rando02355205)
Bug Hunting Journey of 2019	XSS Privilege Escalation Information Disclosure	Alibaba Yahoo! / Verizon Media	Sudhanshu Rajbhar (@Sudhanshur705)
Story about my first bug bounty	XSS	Alibaba	Sudhanshu Rajbhar (@Sudhanshur705)
AliExpress XSS vulnerability - take over any seller account	XSS	Alibaba	Barak Tawily (@Quitten11)

Page 1 of 1