Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3497DOM XSS Walkthrough DOM XSS NA Youssef Lahouifi (@YLahouifi) Bug Bounty2020-05-062023-06-13
3495DOM-Based XSS at accounts.google.com by Google Voice Extension. DOM XSS Google missoum1307 (@missoum1307) Bug Bounty2020-05-072023-06-13
3493$20000 Facebook DOM XSS DOM XSS Meta / Facebook Vinoth Kumar (@vinodsparrow) Bug Bounty2020-05-072023-06-13
3349Blast from the past: Cross Site Scripting on the AWS Console DOM XSS Amazon Johann Rehberger (wunderwuzzi23) Bug Bounty2020-07-012023-06-13
3305Hunting postMessage Vulnerabilities postMessage DOM XSS Apple Google (Youtube) Adobe Gary O%27Leary-Steele (@garyoleary) Bug Bounty2020-07-142023-06-13
2772Security and Privacy of Social Logins (II): PostMessage Security in Single Sign-On DOM XSS postMessage DOM XSS SAP The New York Times CNET Louis Jannett (@iphoneintosh) Bug Bounty2021-02-222023-06-13
2436Finding DOM Polyglot XSS in PayPal the Easy Way DOM XSS CSP bypass Paypal Gareth Heyes (@garethheyes) Bug Bounty2021-06-302023-06-13
2359Multi Domain DOM Cross Site Scripting DOM XSS NA Sam Paredes (@caffeinevulns) Bug Bounty2021-08-012023-06-13
22435 Different Vulnerabilities in Google’s Threadit DOM XSS Clickjacking Privilege escalation Information disclosure Google Thomas Orlita (@ThomasOrlita) Bug Bounty2021-09-072023-06-13
2159Stumbling across a DOM XSS on google.com DOM XSS Google tkiela (@svennergr) Bug Bounty2021-10-102023-06-13
1854Solving DOM XSS Puzzles DOM XSS NA Eugene Lim (@spaceraccoonsec) Bug Bounty2022-02-032023-06-13
1850What Bypassing Razer%27s DOM-based XSS Patch Can Teach Us DOM XSS Razer EdOverflow (@EdOverflow) Bug Bounty2022-02-052023-06-13
1551Hacking Swagger-UI - from XSS to account takeovers DOM XSS Account takeover Shopify Paypal GitLab Atlassian Yahoo! / Verizon Media Microsoft Jamf Dawid Moczadło (@kannthu1) Bug Bounty2022-05-162023-06-13
1237DOM Cross-Site Scripting Via postMessage in AnnounceKit DOM XSS Announcekit Lorenzo Stella (@lorenzostella) Bug Bounty2022-08-122023-06-13
878How I Get 5x Swag From Sony DOM XSS Directory listing Default credentials Information disclosure Sony Naeem Ahmed Sayed (@0xNaeem) Bug Bounty2022-11-022023-06-13
829Winning QR with DOM-Based XSS | Bug Bounty POC DOM XSS NA Haroon Hameed (@HaroonHameed40) Bug Bounty2022-11-152023-06-13
736A $$$ worth of cookies! | Reflected DOM-Based XSS | Bug Bounty POC DOM XSS NA Haroon Hameed (@HaroonHameed40) Bug Bounty2022-12-032023-06-13
679How I was able to steal users credentials via Swagger UI DOM-XSS DOM XSS Old components with known vulnerabilities NA Mohamed Reda (@M0x0101) Bug Bounty2022-12-182023-06-13
657$350 XSS in 15 minutes DOM XSS JSONP NA Anton (@therceman) Bug Bounty2022-12-232023-06-13
622Fetch Diversion DOM XSS NA Nicolas Christin (@acut3hack) Bug Bounty2023-01-032023-06-13
581DOM-Based XSS for fun and profit $$$! | Bug Bounty POC DOM XSS NA Haroon Hameed (@HaroonHameed40) Bug Bounty2023-01-172023-06-13
498postMessage DOM XSS vulnerability in Gartner Peer Insights widget postMessage DOM XSS Gartner Gradle LogRhythm SentinelOne Synopsys Veeam Vodafone Black Kite ReversingLabs Tata Communications Justin Steven (@justinsteven) Bug Bounty2023-02-042023-06-13
405How I found DOM-Based XSS on Microsoft MSRC and How they fixed it DOM XSS Microsoft Supakiad S. (@Supakiad_Mee) Bug Bounty2023-02-232023-06-13
400Microsoft Azure Account Takeover via DOM-based XSS in Cosmos DB Explorer Account takeover DOM XSS Microsoft (Azure) Ngo Wei Lin (@Creastery) Bug Bounty2023-02-242023-06-13
264My Journey to Nokia Hall of Fame in just 10 minutes DOM XSS Open redirect Nokia Rajdip Bug Bounty2023-03-272023-06-13