83 sats \ 2 replies \ @WeAreAllSatoshi 15 Mar \ on: Can you spot the XSS vulnerability? security
Rendering the filter query inside of HTML markup without being sanitized is my guess. All user input is evil.
Yes but it doesn’t sound like this should be missed by most bug hunters 🤔
The exploitation method showcased in this example is commonly overseen by most bug bounty hunters, as they’re not aware of the possibility to pass your malicious XSS payload in this different format!
Agree, it’s just the first thing that I saw