Back to directory
WRITEUP #2699

Hacking Swagger-UI - from XSS to account takeovers

XSSDOM XSSAccount takeover
by@kannthu1(Dawid Moczadło)
Program
ShopifyPaypalGitLabAtlassianYahoo! / Verizon MediaMicrosoftJamf
Published
May 16, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
Lessons Learned From Exposing Unusual XSS Vulnerabilities
XSSDOM XSS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS

Built with ❤️ by Shubham Rawat