Episode 27: Top 7 Esoteric Web Vulnerabilities
Critical Thinking - Bug Bounty Podcast
00:00
Cross-Site Leak: A Common Vulnerability Over the Next Few Years
Cross-site leak is sort of like a C-Surf. In that you're forcing the user to have the browser make a request. You can determine, you know, something about the user's presence in the application based off of that. I've seen a couple of people exploit this successfully at live hacking events and I've seen it result in a critical once.
Transcript
Play full episode
