Back to directory
WRITEUP #1464

How Your NFTs Could Have Been Stolen in Just One Click

APIpostMessageGraphQL
by@PermaSecure(PermaSecure)
Program
-
Published
Mar 3, 2023
Added to HackDex
Mar 6, 2023
Read Full Writeuphttps://www.permasecure.io/2023/03/03/how-your-nfts-could-have-been-stolen-in-just-one-click/
RELATED WRITEUPS
Authorization bypass due to cache misconfiguration
APIAuthorization bypass
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Exploiting Broken Authentication Control In GraphQL
CloudGraphQL
Lessons Learned From Exposing Unusual XSS Vulnerabilities
XSSDOM XSS
Universal Code Execution by Chaining Messages in Browser Extensions
XSSUniversal XSS

Built with ❤️ by Shubham Rawat