From 500 to Account Takeover
ID: 69c0a868-b3ea-5eb3-93de-7733f8f61930
STIX ID: report--69c0a868-b3ea-5eb3-93de-7733f8f61930
Feed Name: SensePost Blog
This report demonstrates a practical proof-of-concept attack chain: an XSS vulnerability in an HTTP 500 error page, a Cloudflare WAF signature bypass (using superfluous leading zeros), and a Content Security Policy bypass via the Google Analytics collect endpoint, combined to exfiltrate 24-character SessionID tokens and enable a one-click account takeover by sending a crafted URL.
