CSS Injection and Content Injection

Joel: This is a cool bug that I found and actually might should be a write-up. He says he can DOS this whole application by just using like background URL to force a request to the logout endpoint. It will send it'll send a request there and it'll log the user out Um, and it'll destroy their cookie. So that's another attack vector to be keeping in your head when you got a css injection Man, that's such a good tip. We we got to go into that singapore bug the css Oh my gosh, dude. That that was nuts That that was like that changed my entire perspective of how I think about like css