all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Bypassing CSP with dangling iframes

Add to bookmarks
June 14, 2022, 2 p.m. |

PortSwigger Research portswigger.net

Introduction Our Web Security Academy has a topic on dangling markup injection - a technique for exploiting sites protected by CSP. But something interesting happened when we came to update to Chrome

bypassing csp

Visit resource

More from portswigger.net / PortSwigger Research

Making Desync attacks easy with TRACE 1 month ago | portswigger.net
attacks can constraints easy +8
Using form hijacking to bypass CSP 1 month, 2 weeks ago | portswigger.net
bypass can configuration csp +6
Top 10 web hacking techniques of 2023 2 months ago | portswigger.net
community hacking identify research +7
Hiding payloads in Java source code strings 2 months, 4 weeks ago | portswigger.net
abuse can code conceal +5
Top 10 web hacking techniques of 2023 - nominations open 3 months, 1 week ago | portswigger.net
blog blog posts community hacking +8
Finding that one weird endpoint, with Bambdas 4 months, 1 week ago | portswigger.net
act balancing act concepts endpoint +6
Blind CSS Exfiltration: exfiltrate unknown web pages 4 months, 2 weeks ago | portswigger.net
css discover exfiltration gif +3
The single-packet attack: making remote race-conditions 'local' 6 months ago | portswigger.net
attack conditions effectively http +10
How to build custom scanners for web security research automation 6 months, 2 weeks ago | portswigger.net
aid attack automation build +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Werkstudent (w/m/d) - Cyber Security

@ IONOS | Karlsruhe, Germany
View on infosec-jobs.com

Security Operations Manager

@ BambooHR | Utah | Hybrid
View on infosec-jobs.com

Senior Risk and Compliance Analyst

@ Cricket.com | Hyderabad
View on infosec-jobs.com

Cyber Security Architect

@ Lilium | Munich
View on infosec-jobs.com

Senior Security Analyst

@ BETSOL | Bengaluru, India
View on infosec-jobs.com
View more jobs