A humorous exploration of how ambiguous security specifications lead to wildly different input validation implementations across teams, highlighting the risks of vague requirements like 'handle user input securely' without concrete acceptance criteria.
A stored XSS vulnerability where unsanitized URL parameters (refclickid) are stored in cookies and later reflected in JSON responses within script tags, allowing arbitrary JavaScript execution on any page visit. The vulnerability relies on the application trusting cookie values without sanitization when inserting them into script contexts.
A researcher discovered multiple stored and blind XSS vulnerabilities in Skype subdomains (manager.skype.com and secure.skype.com) via an unsanitized group_name parameter. These could be exploited to escalate privileges, execute malicious scripts against other users, and achieve account takeover through credential/cookie theft.
CVE-2017-10711 is a reflected XSS vulnerability in SimpleRisk's password reset form where the 'user' parameter is echoed directly without sanitization, allowing attackers to execute arbitrary JavaScript and steal session cookies or hijack user sessions via CSRF.