Back to directory

WRITEUP #3818

Playing With iframes: Bypassing Content-Security-Policy

OtherCSP bypassOpen redirectHTML injection

by@jmrcsnchz(JM Sanchez / 0xEchidonut)

Program

-

Published

Apr 20, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://jmrcsnchz.medium.com/playing-with-iframes-bypassing-content-security-policy-987c2f0b8e8a

▸ RELATED WRITEUPS

500$ From Meta by reporting a HTMLi(Accidental Bug)

OtherHTML injection

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Built with ❤️ by Shubham Rawat