Exploiting CSP in Webkit to Break Authentication & Authorization

This blog post will discuss our findings that we presented in our Blackhat Europe talk titled “Exploiting CSP in Webkit to break Authentication/Authorization”, a vulnerability that enabled us to takeover user accounts on most of the web applications out thereby exploiting a bug in CSP in WebKit.

This post was created with our nice and easy submission form. Create your post!

What do you think?

Posted by SH

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

Escalating XSS to Sainthood with Nagios

Laravel 8.x image upload bypass — Zero Day