Stealing passwords from infosec Mastodon - without bypassing CSP | PortSwigger Research · Jamie Tanna

Liked Stealing passwords from infosec Mastodon - without bypassing CSP

Post details

The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose

Sun, 20 Nov 2022 09:26 by Jamie Tanna . #security.

This post was filed under likes.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.