Sergio Medeirosgrumpz.net·Jun 12, 2024CVE-2024-37629: Simple XSS Payload Exploits 0day Vulnerability in 10,000 Web AppsLate one night, after working on a couple of bug bounty platforms, I decided to revisit a CVE I found last month. I realized that the web application had implemented the Summernote WYSIWYG Editor, which was the root cause of the stored XSS vulnerabil...11 likes·1.4K readsbugbountyAdd a thoughtful commentNo comments yetBe the first to start the conversation.