SKSreeram K Sincode-as-a-story.hashnode.dev·3d ago · 6 min readWhat is XSS (Cross-Site Scripting)?Story Time Imagine your office has a public notice board where anyone can walk up and pin messages like “Team lunch at 1 PM” and “Meeting moved to 3 PM”. Everyone trusts this board and whatever is wri00
LTLưu Tuấn Anhinblog.fiscybersec.com·May 21 · 9 min readNew Zero-Day on Microsoft Exchange: Just one email can steal an entire OWA login session.Risk summary Recently, a particularly severe vulnerability was discovered, causing significant concern within the security community. Just a single carefully crafted email is enough to execute malicio00
RRRoshni Rajaniinroshnirajanii.hashnode.dev·Apr 2 · 1 min readXSS happens only in Open Source is a myth.XSS is a coding mistake — not an “open source” problem. It occurs whenever user input isn’t properly validated, sanitized, or encoded, whether the code is public, private, free, or paid. Think of a we00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·Mar 14 · 16 min readCSP Bypass in DVWA1 Introduction In this post, the Content Security Policy (CSP) Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the00
ZOZeroTrust Opsinnavyacyber.hashnode.dev·Dec 29, 2025 · 2 min readDay 11: Web Exploitation – Merry XSSMasThe Mission: Santa’s Makeover Malfunction Wareville has modernised Santa’s workshop with a new secure message portal for McSkidy. However, the system logs are lighting up with unusual activity—Santa’s letters are appearing as random code, and odd mes...00
TCTechSolve Centralintechsolvecentral.hashnode.dev·Aug 28, 2025 · 1 min readProtect Your Laravel App from XSS Attacks with These Pro Tips!Learn how to secure your Laravel app against XSS vulnerabilities with simple techniques, input sanitization, and admin panel security—keep your data safe and your app hacker-proof!Read the full article#Laravel #Security #XSS #WebDevelopment #PHP #Cyb...00
GSGihan Shamike Liyanageinzero-day-one.hashnode.dev·Jul 21, 2025 · 3 min readLesson 2: Stored XSS (Cross-Site Scripting) Page RedirectionStored XSS occurs when malicious scripts are permanently stored on a web server (e.g., in a database or comment field) and later executed in users’ browsers when they view the infected content. In page redirection attacks, the injected script automat...00
IAIdo Abramovinid0xa.hashnode.dev·Jul 4, 2025 · 2 min readHackTheBox - Cross-Site Scripting (XSS) - Skills Assessment WalkthroughScenario We are performing a Web Application Penetration Testing task for a company that hired you, which just released their new Security Blog. In our Web Application Penetration Testing plan, we reached the part where you must test the web applicat...00
KSKshitij Sharmainkshitijcodes.hashnode.dev·Jun 8, 2025 · 13 min readXSS Vulnerabilities in Frontend System Design: A Practical Guide for Frontend EngineersPicture this: You've just shipped a beautiful React dashboard for your SaaS product. Users are loving the new comment system, the rich text editor is working perfectly, and your PM is happy. Then, one morning, you get a Slack message that makes your ...00
SNsanket narawadeincross-site-scripting.hashnode.dev·Apr 9, 2025 · 4 min readCross-Site-ScriptingHere we will understand what is cross-site-scripting ? , what are the different types of cross-site-scripting ? , where we can find cross-site-scripting and Bypass ?, what are the impact and mitigation ? Defination When an attacker inject malicious J...00
