Recently I was going through a number of Bug Bounty programs looking for one particular weakness. The weakness I was focusing on is called Open Redirect (or Insecure Redirect). The most common form of this is where a user tries to load a page which requires them to be logged in. On many websites this …
Continue reading: Bypassing XSS filters
Tag: XSS
Critical stored XSS vulnerabilities found in popular webmail client
Imagine if simply opening an email could result in the entire contents of your mailbox being stolen. That's exactly what was possible on this popular webmail client used by millions of email addresses around the world. Let me demonstrate what I found...