WRITEUP #426

Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild

Tags: XSS, DOM Clobbering, postMessage, CSP bypass
by @bbuerhaus (Brett Buerhaus)
Program: -
Published: Feb 23, 2024
Added to HackDex: Feb 27, 2024
Read Full Writeup: https://buer.haus/2024/02/23/go-go-xss-gadgets-chaining-a-dom-clobbering-exploit-in-the-wild/
RELATED WRITEUPS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
Tags: XSS, CSP bypass
Type confusion attacks in ProseMirror editors
Tags: XSS, Type confusion
Lessons Learned From Exposing Unusual XSS Vulnerabilities
Tags: XSS, DOM XSS
Universal Code Execution by Chaining Messages in Browser Extensions
Tags: XSS, Universal XSS
Self-XSS to ATO via Site Features
Tags: XSS, Self-XSS
