Back to directory
WRITEUP #3446

chaining bugs from self XSS to account takeover

XSSSelf-XSSWAF bypassCSRFAccount takeover
by@abhiunix(Behnam Yazdanpanah)
Program
-
Published
Sep 2, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@behnam.yazdanpanah/chaining-bugs-from-self-xss-to-account-takeover-82d572136bdf
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty
XSSCSRF
Self XSS + Login CSRF + OAuth = Account Takeover
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat