What are XS-Leaks? # Cross-Site Leaks are a class of vulnerabilities that have been present on the web for a long time, gaining new attention at the end of 2018 when a formal name was assigned and a repository of some of them was created. These vulnerabilities are Browser Side-channel Attacks and most of them exploit behaviors inherent to the design of the web, which increases the complexity around their mitigation.
The Cross-site scripting (XSS) game by @Google
via https://twitter.com/therealskildust/status/801519151575605252
TLDR: Sometimes you just need to spend a couple of months to exploit a XSS with a hygiene product.
abstract: "Dans ce deuxième article de la série consacrée aux failles applicatives, j’aborde les injections XSS au travers de l’OWASP. Vous découvrirez ces failles et apprendrez à les détecter. Vous verrez enfin les moyens de vous en prémunir."
explications, en français :)
english versioin http://www.scriptalert1.com/
