| How i found an Stored XSS on Google Books |
|
|
|
| 22.6k+ GitHub Stars Note-Taking App Hit by XSS Vulnerability |
|
|
|
| Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services |
|
|
|
| ATO | How I exploited security issue to take over admin account |
|
|
|
| Playing Dominos with Moodle's Security (1/2) |
|
|
|
| $1000 for a simple Stored XSS |
|
|
|
| Recon only bugs are sweet! |
|
|
|
| Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API |
|
|
|
| Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace |
|
|
|
| Stored XSS via Exif Data |
|
|
|
| My first bounty on Synack Red Team |
|
|
|
| Kanboard - Spraying Malicious Tasks Across all Projects |
|
|
|
| Turning a 50$ Tab-Nabbing vulnerability into a 1000$ Account takeover |
|
|
|
| A short white box code audit of avo |
|
|
|
| How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain |
|
|
|
| Bug Bounty Writeup: Stored XSS Vulnerability WAF Bypass |
|
|
|
| CVE-2023-1767 - Stored XSS on Snyk Advisor service can allow full fabrication of npm packages health score |
|
|
|
| Stored Cross-Site Scripting (XSS) in Zimbra version 8.8.15_GA_4059 CVE-2022-41348 |
|
|
|
| It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS |
|
|
|
| CVE-2023–1410 : Stored XSS in the Graphite Function Description tooltip |
|
|
|
| Self XSS To Stored Through IDOR/ |
|
|
|
| Interesting Stored XSS in sandboxed environment to Full Account Takeover |
|
|
|
| Securing Open-Source Solutions: A Study of osTicket Vulnerabilities |
|
|
|
| MyBB <= 1.8.31: Remote Code Execution Chain |
|
|
|
| CSRF + Stored XSS Leading to Full Account Takeover |
|
|
|
writeups.xyz
/
Stored XSS