Websockets | writeups.xyz

Title	Vulnerabilities	Programs	Authors
CSWSH Meets LLM Chatbots	LLM Chatbot Websockets Cross-Site WebSocket Hijacking (CSWH)	Undisclosed	Sachin Sharma
Collabora Online Stored XSS (CVE-2024-29182)	Stored XSS Websockets	Collabora Productivity	Cyllective (@Cyllective)
How I made 7K on Epic Games Bug Bounty	RCE Websockets	Epic Games	SynapticSpace
CVE-2023-22524: RCE Vulnerability in Atlassian Companion for macOS	RCE MacOS Websockets Thick Client Security Code Review	Atlassian	Ron Masas (@RonMasas)
[CVE-2023-32695] Socket.IO DoS Trought Javascript Property Manipulation on WebSockets	DoS Websockets Security Code Review	Socket.IO	Rafael Da Costa Santos (@Rafabyte_)
Rendezvous with a Chatbot: Chaining Contextual Risk Vulnerabilities	Chatbot Websockets Cross-Site WebSocket Hijacking (CSWH) Captcha Bypass	Undisclosed	Abeer Banerjee (@Bugasur)
CHECKMATE	Websockets Logic Flaw	Chess.com	Oded Vaanunu Roman Zaikin (@R0m4nZ41k1n) Dan Lasker
Decoding BlazorPack	Websockets	Undisclosed	Rogan Dawes (@RoganDawes)
CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated Remote Code Execution	Websockets RCE Arbitrary File Write Path Traversal	OnlyOffice	Iain Wallace (@Strawp)
Gaining access through error-based SQLi using WebSockets	SQL Injection Websockets Password Reset	Undisclosed	Bitcrack (@Bitcrack_cyber)

Page 1 of 1