ckeditor

1 article
sort: new top best
clear filter
bug-bounty480 google297 xss277 microsoft249 facebook211 rce159 apple150 exploit136 bragging-post102 account-takeover98 malware94 csrf84 cve79 privilege-escalation74 authentication-bypass65 stored-xss65 writeup61 reflected-xss57 browser54 react53 ssrf51 phishing50 dos50 input-validation49 cloudflare49 access-control49 cross-site-scripting48 node46 aws46 smart-contract45 docker45 sql-injection45 ethereum44 defi43 web-security43 web-application42 supply-chain42 oauth41 web339 burp-suite36 lfi34 vulnerability-disclosure34 idor34 html-injection33 smart-contract-vulnerability32 race-condition32 clickjacking31 reverse-engineering31 information-disclosure30 csp-bypass30
0 7/10
How we invented the Tesla DOM XSS
bug-bounty

Researchers discovered and exploited a DOM XSS vulnerability in Tesla's forums (forums.tesla.com) via CKEditor's InsertHtml function, bypassing HTML filters with a crafted img tag payload to load arbitrary JavaScript and embed a DOOM game in the page. The vulnerability was a self-XSS with limited impact but demonstrated creative filter evasion techniques.

dom-xss cross-site-scripting ckeditor filter-bypass self-xss tesla bug-bounty web-security payload-crafting html-injection
Tesla forums.tesla.com CKEditor Linus Särud Fredrik Almroth Detectify vexal js-dos
labs.detectify.com · devanshbatham/Awesome-Bugbounty-Writeups · 22 hours ago · details