Introduction: Hello everyone, Today I’d like to share an interesting bug bounty tip with you. In the realm of hunting for vulnerabilities, it’s not uncommon to encounter numerous obstacles that hinder your progress. These challenges might obscure your vision of the situation. However, stepping out from this trap is the […]
$ Introduction: Here we are again !! BugPOC team doesn’t stop impressing us by their commitment. Last time, we dealt with a local file inclusion (LFI). This time, a new XSS challenge made with love. This one is close enough to the real world of bug bounty, and it’s worth […]
I found a stored XSS in a private program (I can’t mention it). A user can add a favorite article to his/her watch list to keep track of them for future use. As an attacker, the request was interecepted, and a malicious javascript is inserted in its parameters. This makes […]