Back to directory
WRITEUP #3549

How I escalate my Self-Stored XSS to Account Takeover with the help of IDOR

XSSSelf-XSSIDORAccount takeover
by@gonzxph(Jefferson Gonzales)
Program
HackerEarth
Published
Jul 31, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://gonzx.medium.com/how-i-escalate-my-self-stored-xss-to-account-takeover-with-the-help-of-idor-f20733ecdbe9
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDORXSS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Self XSS + Login CSRF + OAuth = Account Takeover
Auth BypassAccount takeover
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat