Multiple Severe Vulnerabilities in MonkeyType.Com Chat Based XSS, Auth bypass, User Spoofing - Write-ups and Disclosures - @disclose_io Community Forum

I published the original article over at my independent research project obsrva.org Executive Overview In May 2021, independent security researcher Tyler Butler found several critical vulnerabilities in monkeytype.com, a popular open-source typing-test application with a booming community of over 100k daily unique visitors. The vulnerabilities included stored cross-site scripting and user impersonation in the tribe chat room feature, as well as an authentication bypass vulnerability enablin

Bug Bounty POC - All Bug Bounty POC write ups by Security Researchers.

Hacking_SharePoint_FINAL

OWASP - WebGoat - Stored Cross Site Scripting (XSS) Attacks

How to limit login attempts in WordPress?

Hacking_SharePoint_FINAL

Bad Request with Ocelot ReRoute using Eureka as Service Provider at LocalHost · Issue #1053 · ThreeMammals/Ocelot · GitHub

Multiple Severe Vulnerabilities in MonkeyType.Com Chat Based XSS, Auth bypass, User Spoofing - Write-ups and Disclosures - @disclose_io Community Forum

Account Takeover Vulnerability in OpenAI ChatGPT

False Positive report on DOM-based XSS · Issue #6934 · zaproxy/zaproxy · GitHub

Anti-Malware Security and Brute-Force Firewall – Wtyczka WordPress

Multiple Severe Vulnerabilities in MonkeyType.Com Chat Based XSS, Auth bypass, User Spoofing - Write-ups and Disclosures - @disclose_io Community Forum

How the CRS protects the vulnerable web application Pixi by OWASP DevSlop – OWASP ModSecurity Core Rule Set

Hacking_SharePoint_FINAL

Stored Cross-Site Scripting (XSS) via Tribe Chat · Issue #1476 · monkeytypegame/monkeytype · GitHub

MX injection and type juggling vulnerabilities · Issue #6229 · roundcube/roundcubemail · GitHub