| Universal Code Execution by Chaining Messages in Browser Extensions |
|
|
|
| Google Extensions (Awarded $18833.7) |
|
|
|
| Scan QR Code and Got Hacked (CVE-2021–43530 : UXSS on Firefox Android Version) |
|
|
|
| Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library |
|
|
|
| Hacking the Apple Webcam (again) |
|
|
|
| How We Are Able To Hack Any Company By Sending Message – $20,000 Bounty [CVE-2021–34506] |
|
|
|
| Evernote: Universal-XSS, theft of all cookies from all sites, and more |
|
|
|
| Universal XSS in Android WebView (CVE-2020-6506) |
|
|
|
| Issue 1040755: Security: Another "universal" XSS via copy&paste |
|
|
|
| Indirect UXSS issue on a private Android target app |
|
|
|
| CVE-2019-17004—Semi Universal XSS affecting Firefox for iOS |
|
|
|
| Kaspersky in the Middle – what could possibly go wrong? |
|
|
|
| Steam, Fire, and Paste – A Story of UXSS via DOM-XSS & Clickjacking in Steam Inventory Helper |
|
|
|
writeups.xyz
/
Universal XSS