Added CORS exploitation with strict trusted origin whitelist using XSS

Emanuel Duss 2020-04-12 14:55:05 +02:00
parent 48fcdeb7ca
commit f120024c6b


@ -117,6 +117,17 @@ origin in the request:
</script>"></iframe>
```
### Vulnerable Example: XSS on Trusted Origin
If the application does implement a strict whitelist of allowed origins, the
exploit codes from above do not work. But if you have an XSS on a trusted
origin, you can inject the exploit coded from above in order to exploit CORS
again.
```
https://trusted-origin.example.com/?xss=<script>CORS-ATTACK-PAYLOAD</script>
```
## Bug Bounty reports
* [CORS Misconfiguration on www.zomato.com - James Kettle (albinowax)](https://hackerone.com/reports/168574)
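Review bot: two typos in the new paragraph: "If the application does implement a strict whitelist" should read "implements a strict whitelist", and "inject the exploit coded from above" should read "inject the exploit code from above". The paragraph would also benefit from one sentence saying why the bypass works: script injected via the XSS executes on the trusted origin, so the browser sends that origin in the Origin header and the whitelist check passes as if the request came from the trusted site itself. A short mitigation note fits here too: a strict origin whitelist is only as strong as the least secure origin on it, so every whitelisted origin has to be kept free of XSS, and the example URL should make clear that `CORS-ATTACK-PAYLOAD` is a placeholder for the exploit code shown earlier in the section.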