👨🏻💻 Introduction & Background:This is a write-up of how I chained two vulnerabilities (an XSS and a CORS misconfiguration) that allowed me to steal contacts from a victim's contact book. This data included: names, phone numbers, addresses, etc. ✗ Cross-Origin-Resource SharingCross-Origin Res…
Corben Leo
Recently, while my friend Alyssa Herrera and I were collaborating on finding ffmpeg vulnerabilities in bug bounty programs, we came to learn that Bandcamp ran a bug bounty program. If you have never heard of BandCamp, it is essentially a platform that allows artists, fans, and labels to interact, co…
Corben Leo
Multiple XSS and CSRF in Pulse Connect Secure v83R1 Multiple XSS and CSRF in Pulse Connect Secure v8.3R1.pdf 543 KB…
Corben Leo
Invision Power Board is a very popular paid forum software. I decided to audit it and initially found a few stored XSS vulnerabilities in the admin panel, all had a low impact, so I didn't report them. I then came across the Announcements function in the Moderator Control Panel. Essentially this fun…
Corben Leo
I got bored one day and somehow thought of AOL for some reason, so I decided to see if I could find any vulnerabilities in mail.aol.com. Initially I tried looking in the signature, since it allowed HTML. I did find an XSS there, but it was self-xss, because when you sent an email with the malicious…
Corben Leo