ScriptJacker Blogs

Vulnerabilities Die Here

Latest Blog Post

Stored XSS

Converting Self-XSS to Stored XSS leads mass Account Takeover (ATO)

The attacker initially discovered a Self-XSS vulnerability by misusing an application feature; chaining it further turned it into a finding of critical impact. Although harmless while confined to the attacker's own browser, the input was later stored and rendered elsewhere without sanitization, escalating it to a Stored XSS. Since the payload executed in every user's session, it could hijack authentication tokens or cookies.

Parth Narula

Difficulty: Low

Broken Authentication

Rare Broken Authentication Flaw - 99% people don't know

The bug allowed an attacker to gain unauthorized access to the partner subdomain without ever completing registration. By starting signup on the main app (with a random email/phone), skipping OTP verification, and then triggering a password reset on the partner subdomain, the attacker received a valid reset link. This let them set a password and fully access an account that had never been verified or even created, leading to a critical authentication bypass.

Parth Narula

Difficulty: Medium


Let's Talk

Do you want to learn more about how I can help your company with its pentesting needs? Let's have a conversation.