Back to directory
WRITEUP #2710

The Underrated Bugs, Clickjacking, CSS Injection, Drag-Drop XSS, Cookie Bomb, Login+Logout CSRF…

Auth BypassCSS injectionClickjackingAccount takeoverXSSCookie bombSelf-XSSCSRF
by@RenwaX23(Renwa)
Bounty
3,850
Program
-
Published
May 10, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@renwa/the-underrated-bugs-clickjacking-css-injection-drag-drop-xss-cookie-bomb-login-logout-csrf-84307a98fffa
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
Self XSS + Login CSRF + OAuth = Account Takeover
Auth BypassAccount takeover
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover

Built with ❤️ by Shubham Rawat