| Bidding Like a Billionaire - Stealing NFTs With 4-Char CSTIs |
|
|
|
| From AngularJS CSTI to credentials theft |
|
|
|
| SSO Gadgets II: Unauthenticated Client-Side Template Injection to Account Takeover using SSO Gadget Chain |
|
|
|
| Popping Tags: Exploiting Template Injections in PRTG Network Monitor |
|
|
|
| FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer |
|
|
|
| Stored XSS in Nvidia via Angular JS template injection |
|
|
|
| AngularJS Client-Side Template Injection: The orderBy Filter. |
|
|
|
| XSS via Angular Template Injection |
|
|
|
| An unusual way to find XSS injection in one minute |
|
|
|
| C.S.T.I Lead To Account Takeover $$$ |
|
|
|
| Finding Zero-Day Vulnerabilities in the Supply Chain |
|
|
|
| XSS in the AWS Console |
|
|
|
| The beauty of chaining client-side bugs |
|
|
|
| How I earned $$$$ through Stored XSS |
|
|
|
| Leveraging Template injection to takeover an account. |
|
|
|
| "Important, Spoofing" - zero-click, wormable, cross-platform remote code execution in Microsoft Teams |
|
|
|
| Reflected XSS on Microsoft.com via Angular Js template injection |
|
|
|
| The Secret sauce of bug bounty |
|
|
|
| Reflected XSS via AngularJS Template Injection |
|
|
|
| XSS without HTML: Client-Side Template Injection with AngularJS |
|
|
|
writeups.xyz
/
CSTI