webkit

3 articles
0 6/10

Three XSS vulnerabilities discovered in ProtonMail for iOS: one via SVG onload in the applewebdata origin, one via a javascript: URI requiring click interaction, and one via a base64-encoded HTML embed in the data origin. While these XSS issues do not allow email exfiltration, they enable JavaScript execution, privacy violations through tracking, phishing, and UXSS in privileged contexts.

ProtonMail Vladimir Metnew DOMPurify Cure53 CVE-2016-1764 Anatoly Andy Yen Safiler
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 22 hours ago · details
0 7/10

Firefox iOS QR code scanner fails to sanitize javascript: URIs, allowing XSS attacks across multiple contexts including reader mode, local files, and internal pages, while also bypassing Content Security Policy restrictions. The vulnerability was fixed by removing javascript URI support from the address bar in later versions.

CVE-2019-17003 Firefox iOS Opera Mini WebKit Mozilla
payatu.com · devanshbatham/Awesome-Bugbounty-Writeups · 22 hours ago · details
0 2/10

A Safari extension developer who filed 82 new Safari bugs in 2025 through WebKit Bugzilla and Apple Feedback Assistant shares statistics showing only ~32 were fixed, and argues Safari's software quality is deteriorating based on increasing unfixed bug accumulation.

Apple WebKit Safari Bugzilla Feedback Assistant
lapcatsoftware.com · zdw · 1 day ago · details · hn