|
|
DOM-based XSS leads to full account takeover
|
Jun 21
|
High
(
8.9
)
|
$0
|
Cross-site Scripting (XSS) - DOM
|
|
|
Stored XSS + WAF Bypass + CSP Bypass -> leads to Auth token and private data leakage
|
May 14
|
Critical
(
10.0
)
|
$0
|
Cross-site Scripting (XSS) - Stored
|
|
|
Content is hidden
|
Cross-site Scripting (XSS) - DOM
|
|
|
Content is hidden
|
Mobile Security Misconfiguration
|