writeups.xyz / The story of exposed service, SSRF, CSP bypass and credentials stealing via XSS

Submitter : c2a

Date: 20 March 2024

Bounty : 200

Vulnerabilities :

• SSRF
• HTML Injection
• CSP Bypass
• XSS

Programs :

• Undisclosed

Authors :

• Bartłomiej Bergier (@_Bergee_)

Link :
https://bergee.it/blog/the-story-of-exposed-service-ssrf-csp-bypass-and-credentials-stealing-via-xss/