A subdomain of Mozilla.org has several XSS vulnerabilities and an HTTP Response Splitting vulnerability. This article illustrates the exploitation of an HRS (HTTP Response Splitting) in order to escalate it into a reflected XSS through a concrete example: Mozilla. When searching for vulnerable (sub)domains as part of a Bug Bounty program, the subdomain dictionary attack. Read more
Self-XSS is a very special case of XSS, where the victim and the attacker are one and the same person. The attacker is able to execute an injection in the browser, but only he can do so. How can such an injection be escalated and exploited to gain criticality?
tl;dr: Use the WYSINWYC technique to. Read more
The generic error page of the Red Hat customer portal suffers from a Cross-Site Scripting vulnerability that can be used to steal users' credentials in plaintext. As part of my personal projects, as in my professional activity, it is not uncommon for me to sign in to Red Hat sites to download resources (or find solutions to more or less twisted bugs. Read more
The SSO authentication page of one of the Fortigate IdPs presents a Cross-Site Scripting vulnerability which can be used to steal user credentials in plaintext. Companies and major players are increasingly turning to identity federation. A central and single repository containing users' credentials (login / password) such as LDAP, AD, etc., a single web application for centralized authentication (commonly referred to as IdP for. Read more