Back to directory
WRITEUP #2508

Microsoft Teams — Cross Site Scripting (XSS) Bypass CSP

XSSCSP bypassHTML injection
by@numanturle(Numan Turle)
Bounty
6,000
Program
Microsoft
Published
Jul 13, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@numanturle/microsoft-teams-stored-xss-bypass-csp-8b4a7f5fccbf
RELATED WRITEUPS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSSCSP bypass
Type confusion attacks in ProseMirror editors
XSSType confusion
Self-XSS to ATO via Site Features
XSSSelf-XSS
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS

Built with ❤️ by Shubham Rawat