WRITEUP #385

The story of exposed service, SSRF, CSP bypass and credentials stealing via XSS

SSRF, HTML injection, CSP bypass, XSS
by @_bergee_ (Bartłomiej Bergier)
Bounty: 200
Program: -
Published: Mar 20, 2024
Added to HackDex: May 8, 2024
Read Full Writeup: https://bergee.it/blog/the-story-of-exposed-service-ssrf-csp-bypass-and-credentials-stealing-via-xss/
RELATED WRITEUPS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSS, CSP bypass
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCE, Confusion attack
Canary Token OSS Security Audit Report (Q2 2024)
XSS, DoS
Type confusion attacks in ProseMirror editors
XSS, Type confusion
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Access
SSRF, HTML injection

Built with ❤️ by Shubham Rawat