Back to directory
WRITEUP #2178

Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library

XSSUniversal XSSSSRFOpen redirectWeb cache poisoning
by@samwcyo(Sam Curry)
Program
NetlifyGeminiPancakeSwapDocusignMoonpayCelo
Published
Sep 21, 2022
Added to HackDex
Sep 22, 2022
Read Full Writeuphttps://samcurry.net/universal-xss-on-netlifys-next-js-library/
RELATED WRITEUPS
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCEConfusion attack
Canary Token OSS Security Audit Report (Q2 2024)
XSSDoS
Universal Code Execution by Chaining Messages in Browser Extensions
XSSUniversal XSS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Self-XSS to ATO via Site Features
XSSSelf-XSS

Built with ❤️ by Shubham Rawat