Brief: I was able to hijack Google Docs screenshot of any document exploiting postmessage misconfiguration and a browser behavior. Google have a feature called "Send Feedback" in most of their product. As the name suggests it helps Google to get feedback from users when they face some issue.

Brief: I was able to hijack Google Docs screenshot of any document exploiting postmessage misconfiguration and a browser behavior. Google have a feature called "Send Feedback" in most of their product. As the name suggests it helps Google to get feedback from users when they face some issue.

Brief: On 04/11/2020, BugPoc released a XSS challenge on their twitter handle. This writeup explains about the successful exploitation of XSS, bypassing various security implementation. Challenge URL:  https://wacky.buggywebsite.com/ On visiting the URL you will find the following content: Inputting any text, results in the styled

Brief: On 04/11/2020, BugPoc released a XSS challenge on their twitter handle. This writeup explains about the successful exploitation of XSS, bypassing various security implementation. Challenge URL:  https://wacky.buggywebsite.com/ On visiting the URL you will find the following content: Inputting any text, results in the styled