cors-exploitation

1 article
sort: new top best
clear filter
bug-bounty432 google350 xss348 microsoft279 facebook245 apple171 exploit158 rce153 malware95 account-takeover94 cve87 csrf82 writeup78 bragging-post78 browser76 privilege-escalation66 react59 authentication-bypass57 cloudflare54 dos53 ssrf51 docker51 node49 aws47 access-control47 smart-contract45 phishing45 oauth45 ethereum43 defi42 supply-chain42 sql-injection41 web341 lfi37 idor34 smart-contract-vulnerability32 clickjacking31 web-application31 wordpress30 race-condition30 reverse-engineering30 info-disclosure29 vulnerability-disclosure29 cloud28 information-disclosure28 burp-suite28 solidity27 web-security27 cors26 responsible-disclosure26
0 7/10
Think outside the scope advanced cors exploitation techniques
research

Advanced CORS exploitation techniques demonstrating two real-world cases: chaining XSS vulnerabilities with CORS misconfigurations to leak sensitive data, and bypassing CORS origin validation using special characters in domain names (particularly in Safari) to exploit wildcard subdomain whitelisting. The second technique leverages browser inconsistencies in domain validation to craft malicious origins like 'zzzz.ubnt.com=.evil.com' that pass CORS checks while resolving to attacker-controlled domains.

cors-misconfiguration cors-exploitation xss cross-origin-request subdomain-takeover browser-quirks special-characters-bypass origin-header-validation wildcard-dns safari-vulnerability credential-leakage api-security
Ayoub Safa Sandh0t HackerOne Ubnt Corben Leo Davide Danelon PortSwigger Geekboy
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 18 hours ago · details