Type confusion attacks in ProseMirror editors

Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN

Stored XSS in LibreOffice

Persistent XSS on Microsoft Bing.com by poisoning Bingbot indexing

Canary Token OSS Security Audit Report (Q2 2024)

Self-XSS to ATO via Site Features