InfoSec Blog

tags Archives

XSS

OpenStack's noVNC XSS

By thezero

19/10/2019

Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack

OpenStack was using an old version of noVNC affected by a DOM-based XSS that allowed attackers to steal VM tokens and take over VMs.

4

Min

HITBAMS2017 XSS game by Google writeup

By polict

26/04/2017

XSSGame by Google at #HITB2017AMS – Writeup

Walkthrough of the Google XSS Game CTF @ Hack in the Box Amsterdam 2017 (HITBAMS2017): 8 challenges to win a Nexus 5X -- find out how we won it! 🤟🏻

5

Min