Cross Site Scripting (XSS) Reflected in one of the subdomains of “General Motors”(Bugbounty)

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

Self-XSS to ATO via Site Features

How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack

Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN

A Story About How I Found XSS in ASUS