| Phantom Secrets: Undetected Secrets Expose Major Corporations |
|
|
|
| RCE via LDAP truncation on hg.mozilla.org |
|
|
|
| Jit-Picking: Differential Fuzzing of JavaScript Engines |
|
|
|
| Scan QR Code and Got Hacked (CVE-2021–43530 : UXSS on Firefox Android Version) |
|
|
|
| But You Told Me You Were Safe: Attacking The Mozilla Firefox Renderer (Part 1) |
|
|
|
| Two faces of a same PDF document |
|
|
|
| Bypassing Firefox's HTML Sanitizer API |
|
|
|
| Moderation Filter Bypass in support.mozilla.org |
|
|
|
| Bypassing CSP with dangling iframes |
|
|
|
| IDOR in support.mozilla.org through Code Review |
|
|
|
| How I Am Able To Crash Anyone’s Mozilla Firefox Browser By Sending An Email |
|
|
|
| This shouldn't have happened: A vulnerability postmortem |
|
|
|
| "A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild |
|
|
|
| DeepSurface Security Advisory: LPE in Firefox on Windows |
|
|
|
| A fever Worth 750$- [Accessing Private Projects ] |
|
|
|
| mXSS in support.mozilla.org |
|
|
|
| XSS via postMessage in chat.mozilla.org |
|
|
|
| A short story about an XSS in chat.mozilla.org (CVE-2021-21320) |
|
|
|
| Guest Blog Post: Leaking silhouettes of cross-origin images |
|
|
|
| Leaking Browser URL/Protocol Handlers |
|
|
|
| Firefox: How a website could steal all your cookies |
|
|
|
| Guest Blog Post: Rollback Attack |
|
|
|
| Firefox for Android: LAN Based Intent Triggering |
|
|
|
| The Curious Case of Copy & Paste – on risks of pasting arbitrary content in browsers |
|
|
|
| CVE-2019-17004—Semi Universal XSS affecting Firefox for iOS |
|
|
|
writeups.xyz
/
Mozilla