Back to directory
WRITEUP #4728

Stealing the Trello token by abusing a cross-iframe XSS on the Butler Plugin

XSS
by@theflofly(Florian Courtial)
Bounty
3,600
Program
Trello
Published
Apr 29, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://hethical.io/stealing-the-trello-token-by-abusing-a-cross-iframe-xss-on-the-butler-plugin/
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSSCSP bypass
A Story About How I Found XSS in ASUS
XSS

Built with ❤️ by Shubham Rawat