bug-bounty460
xss231
bragging-post117
rce87
microsoft82
google81
account-takeover81
open-source79
csrf77
authentication-bypass76
facebook75
stored-xss74
web-security64
reflected-xss63
access-control61
apple59
ai-agents59
privilege-escalation58
input-validation51
defi48
sql-injection48
cross-site-scripting47
smart-contract47
ethereum44
api-security42
information-disclosure41
web-application39
privacy39
tool37
ssrf36
burp-suite36
malware34
llm34
automation34
html-injection33
smart-contract-vulnerability33
vulnerability-disclosure33
web333
responsible-disclosure32
phishing32
opinion31
waf-bypass31
denial-of-service30
cve30
idor29
machine-learning29
code-generation28
authentication27
remote-code-execution26
infrastructure25
0
6/10
bug-bounty
A DOM XSS vulnerability exploiting unsafe use of location.pathname in AJAX requests, where an attacker can inject a protocol-relative URL (//attacker.com) to redirect the AJAX call to a malicious domain and inject arbitrary JavaScript into the page.
DOM XSS
AJAX
location.pathname
0
7/10
bug-bounty
Demonstrates how missing Origin header validation on WebSocket endpoints can allow cross-origin XSS and CSRF attacks. The attacker connects to an unprotected WebSocket, sends malicious payloads containing script tags that get rendered in the receiving client's DOM, achieving application-wide XSS and account takeover capabilities.
websocket
xss
csrf
origin-validation
client-side-injection
bug-bounty
web-application
full-duplex-communication
dom-based-xss
content-injection
Osama Avvan
BurpSuite
websocket.org