all InfoSec news
Reflected XSS on Admin Login Page
March 21, 2023, 3:52 p.m. | ASWIN K V
InfoSec Write-ups - Medium infosecwriteups.com
Hi! I’m Aswin,security researcher and a penetration tester.Here we are discussing reflected XSS in a private bug bounty program.
On the website https://xyz.redacted.com/a6, when you attempt to access secret sections,The URL on the parameter “win” redirects you to a login page with values from the URL mirrored in the DOM.
Reflect XSS- Admin Login pageA cross-site scripting attack might be launched against the application since there is no adequate handle for the data reflected, making it susceptible.What is reflected …
bug bounty cybersecurity hacking login penetration testing reflected xss xss xss-attack
More from infosecwriteups.com / InfoSec Write-ups - Medium
4 Ways Cybercrime Could Impact Your Loan Business
1 week, 2 days ago |
infosecwriteups.com
Story of Lock up users’ account by DOS attack cost $1,100
1 week, 6 days ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Azure Security Architect
@ First Quality | Remote US - Eastern or Central Timezone
Threat Intelligence Analyst
@ Atos | Remote Home, HOME (England & Wales), GB, Remote Hom
Alternance (F/H) Hardening, migration cloud et containerisation d'un application windows
@ Alstom | Villeurbanne, FR
Security Specialist / Analist (CIT)
@ Lely | Maassluis, Netherlands