Biscuit's Bug Bounty Playbook
  • ๐Ÿ‘‹Introduction to Biscuit's Bug Bounty Playbook
  • Mains
    • ๐ŸงพResume For Cyber Security Freshie
    • ๐Ÿ“—Browser extension
    • ๐Ÿ“€POC Videos YT Channel
    • ๐Ÿ“บ55 YouTube Channels To Learn Hacking
    • ๐Ÿ‘€Hackers to Follow on Social Media
      • Twitter
      • Medium
      • YouTube
      • GitHub
      • Discord Server
      • Security GitBooks
    • ๐Ÿ…Learn The Basics
      • ๐ŸŽ–๏ธType Of Cyber Security
      • ๐ŸฅˆCommon Job Roles
      • ๐Ÿฅ‰Get Started With InfoSec
      • โš•๏ธBest Bug Bounty Platform
      • ๐Ÿ—ž๏ธBest InfoSec Writeups Website
      • ๐ŸชHacking Books
      • ๐Ÿฅ‚CLI Commands
      • ๐Ÿ’ฟLearn WSL
    • ๐Ÿง‘โ€๐Ÿ’ปFun Programming Codes
    • ๐Ÿ”ฎBuild your own Bug Bounty Methodology
    • ๐ŸŽดBug Bounty Checklist
  • Bug Bounty Reports & Articles
    • 0๏ธโƒฃIndex
    • 1๏ธโƒฃTakeover's (Accounts, Sub-domains, etc)
      • ๐ŸšกSub Domain Takeover
      • ๐Ÿš Account Takeover
      • ๐ŸšŸdependency confusion vulnerability
    • 2๏ธโƒฃIDOR (Indirect Object Reference)
    • 3๏ธโƒฃLeaks & Disclosure (PII, API Key, etc)
    • 4๏ธโƒฃOpen Redirects
    • 5๏ธโƒฃRequest Forgery (CSRF & SSRF)
      • ๐ŸŸขCSRF
      • ๐Ÿ”ดSSRF
    • 6๏ธโƒฃInjections (HTML, XSS, etc)
      • ๐ŸŸกXSS
      • ๐ŸŸ HTML Injection
      • ๐ŸŸฃCR/LF Injection
      • ๐ŸŸขSSTI
    • 7๏ธโƒฃBroken Access Control & Broken Authentication
      • โš™๏ธFile Upload Functionality
      • โš™๏ธPassword Reset Functionality
      • โš™๏ธ2FA Functionality
      • โš™๏ธOauth Functionality
      • โš™๏ธBypassing
      • โš™๏ธMisconfiguration
    • 8๏ธโƒฃWeb Socket
    • 9๏ธโƒฃMiscellaneous Reports
    • 0๏ธCloud
      • ๐ŸŒฉ๏ธAWS S3
    • 1๏ธLow Hanging Fruits
    • 2๏ธCache Poising
    • 3๏ธDOS/DDOS
  • Bug Bounty Platforms
    • ๐Ÿ›BugCrowd
    • ๐ŸžHackerOne
    • ๐ŸชฒIntigriti
    • ๐ŸœOpen Bug Bounty
  • Exploiting Technologies
    • 0๏ธโƒฃIntroduction
    • 1๏ธโƒฃWordpress
    • 2๏ธโƒฃGraphQL API
    • 3๏ธโƒฃIDOR Vulnerability
    • Learn Android Hacking
Powered by GitBook
On this page
  1. Bug Bounty Reports & Articles
  2. Injections (HTML, XSS, etc)

XSS

PreviousInjections (HTML, XSS, etc)NextHTML Injection

Last updated 5 months ago

6๏ธโƒฃ
๐ŸŸก
LogoReddit disclosed on HackerOne: [accounts.reddit.com] Redirect...HackerOne
LogoLeveraging XSS to get RCE in Textpattern | Pentest LimitedPentest
LogoCS Money disclosed on HackerOne: Blind XSS on image uploadHackerOne
Logo10 Practical scenarios for XSS attacksPentest-Tools.com
LogoStarbucks disclosed on HackerOne: Reflected Cross site Scripting...HackerOne
LogoGlassdoor disclosed on HackerOne: Reflected XSS on...HackerOne
LogoLeveraging Reflected XSSMedium
LogoLeveraging XSS to Read Internal FilesAll Things Security
LogoXSS without parentheses and semi-colonsPortSwigger Research
LogoAn Interesting Case of XSS Caused by File Upload | by Xiaodong - Freedium
LogoHOW RECON HELPED ME TO GET A STORED XSS!Medium
LogoSuper Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerableMedium
LogoHow I was able to find 50+ Cross-site scripting (XSS) Security Vulnerabilities on Bugcrowd Publicโ€ฆMedium
LogoXYZ of XSSMedium