Tag: XSS

From empty page to POST based JSON XSS

Hello bug bounty hunters . This is Daoud Youssef a part time bug bounty hunter and Co-founder of flawminers.com . Today I would like to show you a vulnerability I have discovered recently and it has small tips and tricks could be useful to anyone found the same vulnerability so let’s begin .I have been invited to a…

January 30, 2024
How I found RXSS in Facebook, Twitter and Google training academy

Introduction On December 23, 2019, I received an email from Facebook Workplace introducing the ‘New Workplace Academy,’ which directed me to the domain ‘https://training.wplearn.com.’ While investigating this domain, I discovered it utilized a third-party service called ‘Intellum.’ During my testing, I identified a reflected XSS vulnerability in the login functionality of the site. Further research…

January 17, 2024

From empty page to POST based JSON XSS