- Published on
Reflected XSS via dom clobbering
Ctf
- Published on
Arbitrary JS execution through improperly implemented Excel formulas- Published on
Arbitrary JS execution via prototype poisoning and unicode surrogate pair characters.- Published on
Achieving sensitive data leak via XSS- Published on
Achieving arbitrary javascript execution via prototype pollution- Published on
Exposing the hidden flag via catastrophic backtracking in the regex expression- Published on
Exposing the hidden flag via improper sanitization of HTML and Chrome developer protocol- Published on
Exposing the hidden flag via improper handling of query parameters and blacklisting