writeups.xyz / Steam, Fire, and Paste – A Story of UXSS via DOM-XSS & Clickjacking in Steam Inventory Helper

Submitter : c2a

Date: 8 June 2018

Bounty : undisclosed

Vulnerabilities :

• DOM XSS
• Universal XSS
• Clickjacking
• Browser Extension Hacking

Programs :

• Undisclosed

Authors :

• Matthew Bryant (@IAmMandatory)

Link :
https://thehackerblog.com/steam-fire-and-paste-a-story-of-uxss-via-dom-xss-clickjacking-in-steam-inventory-helper/index.html