XSS protection bypass made my quickest bounty ever

medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 22 hours ago · bug-bounty
AI Summary

Researcher bypassed XSS protection filters using an iframe payload with data URI encoding to achieve stored XSS in a comment box, earning a $150 bounty within 30 minutes. The payload exploited the target's allowlisting of iframe tags while blocking standard script injection vectors.

Entities
Yeasir Arafat, Shawar Khan
By Yeasir Arafat · ~2 min read · December 3, 2017 (Updated: May 15, 2018)

Hi all, this is Yeasir Arafat here. I would love to share my last XSS, which made my fastest bounty ever. I believe sharing is caring :D

So, this time I was able to bypass the protection and was also able to manage some bounty in quick time. I have got some cool swag and a little bounty from them before reporting this XSS to them :). I had found HTML injection on their public discussion. At that time I was able to inject malicious script with HTML. Example of malicious script: