XSS
Bugbounty) Case Analysis XSS-2)
1) Yahoo Mail : 10000$.. https://klikki.fi/adv/yahoo2.html Yahoo Mail stored XSS #2 Dec 08, 2016 A security vulnerability in Yahoo Mail was fixed last week. The flaw allowed an attacker to read a victim's email or create a virus infecting Yahoo Mail accounts, among other things. The attack required the victim to v klikki.fi : In Yahoo Mail, the so-called "share files from cloud providers" ..
Bugbounty) Case Analysis XSS -1)
1. Google Cloud XSS - worth 5000$!! https://blog.it-securityguard.com/bugbounty-sleeping-stored-google-xss-awakens-a-5000-bounty/ [BugBounty] Sleeping stored Google XSS Awakens a $5000 Bounty | Patrik Fehrenbach Dear Readers, Today I want to share a short write-up about a stored cross-site scripting (XSS) issue I found on the Google Cloud Console. I consider it a lucky find. Some of you may remember the..
Gnuboard Vulnerability Analysis (KVE-2019-1235,1236,1238)
# Please note that this post analyzes vulnerabilities that have already been reported. # The lab environment is Gnuboard 5.3.2.0. https://github.com/gnuboard/gnuboard5/commit/c2922aaa13fe5d9ffabd5370d67125209d5bb5a8