
Episode 76: Match & Replace - HTTP Proxies' Most Underrated Feature
Critical Thinking - Bug Bounty Podcast
Exploring Client-Side Exploits and Cookie-Based Vulnerabilities
The chapter covers a Google OAuth implementation bug and its implications, focusing on a client-side exploit chain involving CSP, cookies, cookie tossing, POST-based attacks, and XSS. The speakers discuss the importance of understanding browser security vulnerabilities and highlight the discovery of a cookie-based XSS vulnerability in Zoom. They emphasize the significance of testing cookie values, combining vulnerabilities, and leveraging different techniques like cookie tossing for successful exploit outcomes.