Exploiting XSS with Javascript/JPEG Polyglot
Dec. 29, 2022, 12:27 p.m. | Medusa
InfoSec Write-ups - Medium infosecwriteups.com
What is a polyglot?
PNG, JPEG, and DOC are each valid file types; a polyglot is a single file that combines two different file types. Examples include Phar + JPEG (a PHP archive and a JPEG file), GIFAR (a GIF and a RAR file), and JavaScript + JPEG.
Features such as file upload usually allow only certain file types and reject others, such as .php or .js files, because these would let an attacker upload malicious files to the application. Applications perform extension …
bug bounty cybersecurity exploiting javascript jpeg polyglot vulnerability xss xss-attack