Back to directory
WRITEUP #262

Exfiltrating Data from Sandboxed Documents

XSSpostMessageDOM XSSCSP bypass
by@pmofcats(Monke)
Program
-
Published
Jun 14, 2024
Added to HackDex
Jul 15, 2024
Read Full Writeuphttps://www.monke.ie/p/exfiltrating-data-from-sandboxed-documents
RELATED WRITEUPS
Lessons Learned From Exposing Unusual XSS Vulnerabilities
XSSDOM XSS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSSCSP bypass
Type confusion attacks in ProseMirror editors
XSSType confusion
Universal Code Execution by Chaining Messages in Browser Extensions
XSSUniversal XSS
Self-XSS to ATO via Site Features
XSSSelf-XSS

Built with ❤️ by Shubham Rawat