Episode 60: Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023
Critical Thinking - Bug Bounty Podcast
Exploring Angular Attribute Manipulation and Electron Context Isolation for XSS and RCE
This chapter explores a web hacking technique involving the ng-init attribute in Angular being specified via the class attribute, enabling the execution of arbitrary JavaScript code within HTML tags, leading to XSS attacks. Additionally, it discusses utilizing context isolation in electron applications to achieve remote code execution (RCE) through communication between privileged and renderer processes.
00:00
Transcript
Play full episode
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
