bug-bounty545
xss278
rce184
google160
exploit129
facebook126
malware126
microsoft125
bragging-post120
account-takeover110
cve103
open-source91
privilege-escalation88
csrf82
authentication-bypass75
stored-xss72
phishing71
access-control65
ai-agents63
reflected-xss61
apple56
input-validation53
web-security53
reverse-engineering50
ssrf49
writeup49
sql-injection49
cross-site-scripting48
dos48
browser47
supply-chain47
tool46
smart-contract46
defi45
ethereum45
privacy44
web-application43
web341
cloudflare40
information-disclosure39
llm37
responsible-disclosure37
opinion35
api-security35
burp-suite35
vulnerability-disclosure34
idor34
lfi34
automation34
race-condition33
0
5/10
bug-bounty
A stored XSS vulnerability in Outlook.com iOS browsers was exploited by crafting a PowerPoint file (saved in 97-2003 format) with a javascript: protocol hyperlink, which executes when the document is opened and the link is clicked within the iOS browser. The researcher earned $1,000 USD from Microsoft's bug bounty program.
stored-xss
outlook
ios
microsoft-office
hyperlink-injection
javascript-protocol
browser-exploitation
email-client
outlook.com
outlook.live.com
Microsoft
Google Chrome
Safari
Firefox
Opera
@omespino