Back to directory
WRITEUP #1671

CSRF + Stored XSS Leading to Full Account Takeover

XSSStored XSSCSRFAccount takeover
by@SirBagoza(Fares Walid)
Program
-
Published
Jan 20, 2023
Added to HackDex
Jan 23, 2023
Read Full Writeuphttps://medium.com/@bag0zathev2/csrf-stored-xss-to-leading-to-full-account-takeover-39e9a79533e3
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover
Stored XSS in LibreOffice
XSSStored XSS
Persistent XSS on Microsoft Bing.com by poisoning Bingbot indexing
XSSStored XSS

Built with ❤️ by Shubham Rawat