| $1600 Bounty on a Main Domain |
|
|
|
| Story of a 1000$ Open Redirect |
|
|
|
| Looking for vulnerabilities in Strapi (CVE-2024-34065) |
|
|
|
| ExpressionEngine, Version 7.3.15 |
|
|
|
| NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !! |
|
|
|
| URL Redirection To DOM XSS on Hackerone Programs — Bug Bounty Tuesday |
|
|
|
| OAuth 2.0 Redirect URI Validation Falls Short, Literally |
|
|
|
| Discovering 7 Open Redirect Bypasses and 3 XSS Bypasses Within a Single Program Using the Same Parameters |
|
|
|
| Leaking Jupyter instance auth token chaining CVE-2023-39968, CVE-2024-22421 and a chromium bug |
|
|
|
| Reversing Citrix Gateway for XSS |
|
|
|
| How I hacked NASA and got 8 bugs ? |
|
|
|
| The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022 |
|
|
|
| Reflected XSS Injection & Permanent Open Redirection |
|
|
|
| Abusing Client-Side Desync on Werkzeug |
|
|
|
| Exploit an unexploitable XSS via an open redirect — A Real-Life Scenario from a Hacker’s Mindset |
|
|
|
| Stored Iframe Injection & Permanent Open Redirection - Zero Day |
|
|
|
| Bypassing open redirect protection site-wide on web2py applications |
|
|
|
| My First Bug, Open redirect at Epic Games → $500 Bounty |
|
|
|
| My Journey to Nokia Hall of Fame in just 10 minutes |
|
|
|
| OAuth 2.0 Authentication Misconfiguration |
|
|
|
| Bypassing Safe-Redirect in Rails 7.0 |
|
|
|
| GitHub Security Lab audited DataHub: Here’s what they found |
|
|
|
| Traveling with OAuth - Account Takeover on Booking.com |
|
|
|
| draw.io CVEs |
|
|
|
| Chaining Bugs to get my First Bug Bounty |
|
|
|
writeups.xyz
/
Open Redirect