Back to directory
WRITEUP #209

Self XSS + Login CSRF + OAuth = Account Takeover

Auth BypassAccount takeoverOAuthLogin CSRFSelf-XSS
by@Loupreme_(LS)
Program
-
Published
Jul 2, 2024
Added to HackDex
Aug 26, 2024
Read Full Writeuphttps://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49
RELATED WRITEUPS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO
Account takeover on 8 years old public program
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat