Interesting one :)
Just found an interesting way to bypass some nonce-based CSPs and made a small XSS challenge with an exploitable scenario. See if you can find it before I tell!
Source JS:
gist.github.com/JorianWoltje...
URL:
greeting-chall.jorianwoltjer.com
Found a solution? Please DM to avoid spoilers, thanks!
Source JS:
gist.github.com/JorianWoltje...
URL:
greeting-chall.jorianwoltjer.com
Found a solution? Please DM to avoid spoilers, thanks!
July 1, 2025 at 11:30 PM
Interesting one :)
I have just updated my site, here's the writeup of cve-2024-48962 I found in Apache Ofbiz.
www.sebsrt.xyz/blog/cve-202...
www.sebsrt.xyz/blog/cve-202...
sebsrt - Sebastiano Sartor
sebsrt - Sebastiano Sartor
www.sebsrt.xyz
June 2, 2025 at 10:17 PM
I have just updated my site, here's the writeup of cve-2024-48962 I found in Apache Ofbiz.
www.sebsrt.xyz/blog/cve-202...
www.sebsrt.xyz/blog/cve-202...
Reposted by sebsrt
🩸 First blood went to @sebsrt.bsky.social in under 15 mins 👏
April 7, 2025 at 2:07 PM
🩸 First blood went to @sebsrt.bsky.social in under 15 mins 👏
That's one of the most insane things I've ever seen
www.youtube.com/watch?v=0mCs...
www.youtube.com/watch?v=0mCs...
TypeScript types can run DOOM
YouTube video by Michigan TypeScript
www.youtube.com
March 17, 2025 at 10:57 PM
That's one of the most insane things I've ever seen
www.youtube.com/watch?v=0mCs...
www.youtube.com/watch?v=0mCs...