21 March 2023 · 691 words · 4 mins
This article takes an in-depth look at the JavaScript "confirm()" function, which serves as an alternative to the JavaScript "alert()" function when the latter is unavailable.
16 March 2023 · 718 words · 4 mins
Check out how an improperly configured dynamic link generation tag can create a security risk that results in XSS exploitation.
11 March 2023 · 1019 words · 5 mins
Learn how to bypass a misconfigured CSP and how it can lead to the successful exploitation of a cross-site scripting vulnerability.
4 March 2023 · 1049 words · 5 mins
Learn how a misconfigured CSP can be bypassed, potentially leading to the successful exploitation of a cross-site scripting vulnerability.
28 February 2023 · 857 words · 5 mins
Check out how XSS can be exploited in HTML <div> tags and learn more about the <img> tag-based XSS payload.
24 February 2023 · 862 words · 5 mins
Check out how XSS can also be exploited in hidden input parameter fields, with examples.
20 February 2023 · 803 words · 4 mins
Learn how partially implemented HTML output encoding can be bypassed to exploit an XSS vulnerability using HTML5 attributes.
10 February 2023 · 765 words · 4 mins
Learn how an XSS vulnerability can be found in other parameters, even ones that are not editable in the browser, using the Burp Suite Proxy tool.
6 February 2023 · 913 words · 5 mins
Learn why client-side validation cannot always be trusted and how it can be tampered with by using Burp Suite as a proxy to exploit XSS.
2 February 2023 · 543 words · 3 mins
Learn why client-side validation cannot always be trusted and how it can be tampered with using browser debugging tools to exploit XSS.
18 January 2023 · 976 words · 5 mins
Learn how an XSS payload can be crafted using HTML5 event attributes rather than the classic <script> tag.