Back to directory
WRITEUP #3040

XSS via X-Forwarded-Host header

XSSHost header injection
by@abhijeetbiswas_(Abhijeet Biswas)
Bounty
200
Program
Omise
Published
Jan 30, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@abhijeetbiswas_/xss-cross-site-scripting-via-x-forwarded-host-header-20be114d4254
RELATED WRITEUPS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSSCSP bypass

Built with ❤️ by Shubham Rawat