Back to directory
WRITEUP #4149

Chaining CORS by Reflected xss to Account takeover #My first Blog

XSSCORS misconfigurationReflected XSSAccount takeover
by@killmongar1996(Santosh Kumar Sha)
Program
-
Published
Dec 26, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://notifybugme.medium.com/chaining-cors-by-reflected-xss-to-account-takeover-my-first-blog-5b4f12b43c70
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSSCSP bypass

Built with ❤️ by Shubham Rawat