| CSRF Attack — 0 click account delete - 1st write-up |
|
|
|
| The forgotten IPFS vulnerabilities |
|
|
|
| HTMLI/XSS - Crafting a better PoC |
|
|
|
| Bypassed Cloudflare’s Web Application Firewall (WAF) |
|
|
|
| How I Earned €150 in 2 Minutes | HTML injection in email |
|
|
|
| Zero-day XSS |
|
|
|
| Microsoft Teams — Cross Site Scripting (XSS) Bypass CSP |
|
|
|
| stored XSS and stored HTML Injection in United Nations Website |
|
|
|
| HTML and Hyperlink Injection via Share Option In Microsoft Onenote Application |
|
|
|
| De-Anonymization attacks against Proton services |
|
|
|
| Security Vulnerability in GitLab: Sending Arbitrary Requests through Jupyter Notebooks |
|
|
|
| SVG SSRFs and saga of bypasses |
|
|
|
| XSS | HTML Injection and File Upload Bypass in HUAWEI Subdomain |
|
|
|
| Party time: Injecting code into Teleparty extension |
|
|
|
| SSRF & LFI In Uploads Feature |
|
|
|
| Xiaomi Execute Arbitrary JavaScript |
|
|
|
| From URL dumps digging to IDOR , BAC, Massive Phishing in Udemy |
|
|
|
| A short story of Content Spoofing to HTML Injection in Apple using Dangling Markup Injection |
|
|
|
| What would you do if Oracle’s mailing server sent you this? |
|
|
|
| Taking Over Employee Accounts by Managers with Zero Employee Interaction |
|
|
|
| Exploiting Auto-save Functionality To Steal Login Credentials |
|
|
|
| HTML Injection and a dream in Google Chrome for Linux (Write Up) |
|
|
|
| DOS & Stored HTML Injection Bug Bounty Writeup |
|
|
|
| Injecting Punycode URL Within the Arbitrary Text via Comment Box In Google Photo Sharing Option |
|
|
|
| Playing With iframes: Bypassing Content-Security-Policy |
|
|
|
writeups.xyz
/
HTML Injection