Dec 29, 2025 · 2 min read · The Mission: Santa’s Makeover Malfunction Wareville has modernised Santa’s workshop with a new secure message portal for McSkidy. However, the system logs are lighting up with unusual activity—Santa’s letters are appearing as random code, and odd mes...
Dec 12, 2025 · 7 min read · Cross-Site Scripting (XSS) remains one of the most deceptive and flexible web vulnerabilities because it blurs the line between user input and executable code. A single unchecked text field can allow an attacker to rewrite what a user sees, steal inf...
Aug 3, 2025 · 2 min read · Engagement Summary During a recent web application penetration test, I discovered a Stored Cross-Site Scripting (XSS) vulnerability by uploading a malicious SVG file containing inline JavaScript. This blog outlines how the vulnerability was discovere...
Apr 9, 2025 · 4 min read · Here we will understand: what is cross-site scripting? What are the different types of cross-site scripting? Where can we find cross-site scripting and bypasses? What are the impact and mitigation? Definition When an attacker injects malicious J...
Mar 13, 2025 · 2 min read · Introduction Cross-Site Scripting (XSS) is a common web vulnerability that allows attackers to inject malicious JavaScript into web pages. This can lead to session hijacking, data theft, or even full account takeovers. In this blog, I will walk you t...
Aug 21, 2017 · 3 min read · In this article, I am going to share a POC (Proof of Concept) on a vulnerability that I found on a popular Forum Management System by Q2A. Q2A is a free and open source content management system to cr