Mattermost Server v5.32 > v5.36 Reflected XSS in OAuth flow

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

Over 1 Million websites are at risk of sensitive information leakage - XSS is dead. Long live XSS

Self-XSS to ATO via Site Features

How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack

Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN