WRITEUP #2747

Privileged account creation via Mass Assignment towards a full compromise using a Stored XSS

XSS, Stored XSS, Mass assignment, Security code review
by @AethliosIK (Aethlios)
Program: pass Culture
Published: Apr 26, 2022
Added to HackDex: Jan 9, 2023
Read Full Writeup: https://www.aeth.cc/public/Article-Pass-Culture/mass-assignment-article-en.html
RELATED WRITEUPS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSS, Reflected XSS
Front-End Frameworks: When Bypassing Built-in Sanitization Might Backfire
XSS, Client-side Path Traversal
Stored XSS in LibreOffice
XSS, Stored XSS
Persistent XSS on Microsoft Bing.com by poisoning Bingbot indexing
XSS, Stored XSS
Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail
XSS, Security code review
