bug-bounty497
xss257
rce136
google132
bragging-post117
account-takeover107
facebook101
microsoft101
privilege-escalation87
authentication-bypass83
csrf83
malware82
open-source82
stored-xss75
cve69
exploit67
access-control67
web-security64
ai-agents64
reflected-xss63
apple62
phishing58
input-validation53
sql-injection50
cross-site-scripting49
smart-contract48
defi48
api-security47
ethereum45
ssrf44
reverse-engineering44
information-disclosure43
privacy41
web-application39
tool38
vulnerability-disclosure38
dos38
burp-suite37
writeup37
cloudflare36
automation35
responsible-disclosure34
opinion34
web334
llm34
smart-contract-vulnerability33
idor33
html-injection33
ai-security33
race-condition32
0
7/10
bug-bounty
Demonstrates how missing Origin header validation on WebSocket endpoints can allow cross-origin XSS and CSRF attacks. The attacker connects to an unprotected WebSocket, sends malicious payloads containing script tags that get rendered in the receiving client's DOM, achieving application-wide XSS and account takeover capabilities.
websocket
xss
csrf
origin-validation
client-side-injection
bug-bounty
web-application
full-duplex-communication
dom-based-xss
content-injection
Osama Avvan
BurpSuite
websocket.org