Tag feed

#csp-bypass

3 posts0 followers

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

CSP Bypass in DVWA

7h ago · 13 min read · In this post, the DVWA Content Security Policy [CSP] Bypass vulnerability is described. The objective for attacks on all levels is to bypass the CSP and execute JavaScript in the vulnerable web page.

Join discussion

OROmid Rezaeiblog.voorivex.team

1

A Weird CSP Bypass led to $3.5k Bounty

Oct 23, 2024 · 6 min read · Roughly 5 months ago, YShahinzadeh and I found an XSS vulnerability that had a weird CSP bypass leading to Account Takeover and received a $3500 bounty. The journey was quite interesting to me as it involved deep recon, reading many documents of the ...

Llinkssfan commented

NDNirmal Dahalnirmaldahal.com.np

0

Leveraging the SQL Injection to Execute the XSS by Evading CSP

Jul 12, 2022 · 3 min read · Although it sounds silly, I am dumb enough to do this. Introduction to content security policy (CSP) If you are unfamiliar with CSP, you should know more about it before reading further. The security

Join discussion

#csp-bypass

Search Hashnode

#csp-bypass

CSP Bypass in DVWA

A Weird CSP Bypass led to $3.5k Bounty

Leveraging the SQL Injection to Execute the XSS by Evading CSP