11min chapter

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Critical Thinking - Bug Bounty Podcast

CHAPTER

Understanding DOMPurify Challenges in Web Security

This chapter explores the complexities and nuances of using DOMPurify for sanitization in JavaScript, discussing how varying configurations can impact security. The speakers highlight common mistakes and exploit techniques that can bypass DOMPurify, particularly focusing on context and improper HTML tag usage. Additionally, they delve into historical vulnerabilities related to jQuery and the implications of outdated libraries, emphasizing the importance of robust sanitization practices.

00:00

Transcript

Episode notes

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

11min chapter

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Critical Thinking - Bug Bounty Podcast

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights