Back to directory
WRITEUP #5782

Applying a small bypass to steal Facebook Session tokens in Uber

XSSCSP bypassOAuth
by@saamux(Samuel)
Bounty
2,000
Program
Uber
Published
Oct 2, 2018
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@saamux/applying-a-small-bypass-to-steal-facebook-session-tokens-in-uber-5b9638b7a18c
RELATED WRITEUPS
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN
XSSCSP bypass
Over 1 Million websites are at risk of sensitive information leakage - XSS is dead. Long live XSS
XSSOAuth
Type confusion attacks in ProseMirror editors
XSSType confusion
Self-XSS to ATO via Site Features
XSSSelf-XSS
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS

Built with ❤️ by Shubham Rawat