How Private Cache Can Lead to Mass Account Takeover – pentest case
Exploiting XSS in hidden inputs and meta tags
Linux local electron application script-src: self bypass
Multiple vulnerabilities on Chamilo 1.11.18
Multiple Vulnerabilities In Cockpit CMS <= V2.5.2
How I hacked NASA and got 8 bugs ?
Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames
My First Bug: A Unique $500 XSS.
XSS in GMAIL Dynamic Email (AMP for Email)
Abusing Client-Side Desync on Werkzeug
Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability
Exploit an unexploitable XSS via an open redirect — A Real-Life Scenario from a Hacker’s Mindset
XSS in WordPress via open embed auto discovery
XSS Via Qr Code
how I found a tricky XSS
Official extension spoofing attacks: when trusted add-ons are not so trusted
Triple Threat: Breaking Teltonika Routers Three Ways
Discovery of an XSS on Opera
How I discovered XSS via triple URL encode
Size matters! When capital letters introduce vulnerabilities
Odoo: Get your Content Type right, or else!
2 XSS on Microsoft
Turning Vulnerability into Bounty: How CVE-2020–17453 XSS Earned Me a $500 Bounty
How do I get cross site scripting(“xss”) in “Nokia”
How ChatGPT helped me find a bug