El Mehdi
@elmahdi.bsky.social
Bug Bounty Hunter @elmahdi, https://elmehdi.me
Reposted by El Mehdi
Got sniped into the challenge and ended up doing some cool XSS research :D

11 char XSS with mind-boggling race-conditions.

TL;DR the final payload is location=x (10 chars) and the longest is top.Z.x=x.d (11 char)

It's shorter than location=name !!

terjanq.me/solutions/jo...
December 14, 2024 at 1:17 PM
Reposted by El Mehdi
Following others' lead, I put together an XSS challenge to solve a somewhat tricky injection I'd come across. In producing the challenge I came up with my solution (so in that way I guess it served its purpose) but interested in how others would approach it 🤔

blog.ajxchapman.com/xss/challeng...
March 10, 2025 at 4:19 PM