When testing DOM XSS in redirection sinks, don't use javascript:alert(1) use javascript://target.com/%E2%80%A8alert(1) instead.
Many targets don't validate the URL scheme, but they do validate the host.
#bugbounty#bugbountytips#xss#bypass
@xchopath So as per this bug the application is not validating the intent before sending the broadcast reciever i.e the notification we receive that is related to that is it. So validations are missing that lead to account take over actually it should validate the account related intent
🕵️♂️ Calling fellow Bug Bounty hunters who consume daily blogs, articles, talks, and research
There’s too much surface-level content out there -finding the meaningful gems is hard.
I’m starting a closed group (currently me & @4osp3l)
Retweet + comment “Interested” if you want in