diff --git a/pentesting-web/cross-site-websocket-hijacking-cswsh.md b/pentesting-web/cross-site-websocket-hijacking-cswsh.md index b24bf723e..a3a7705c9 100644 --- a/pentesting-web/cross-site-websocket-hijacking-cswsh.md +++ b/pentesting-web/cross-site-websocket-hijacking-cswsh.md @@ -1,7 +1,5 @@ # Cross-site WebSocket hijacking \(CSWSH\) -Most of the information of this page is from **Portswiggers WebSockets tutorials \(main page:** [**https://portswigger.net/web-security/websockets\#intercepting-and-modifying-websocket-messages**](https://portswigger.net/web-security/websockets#intercepting-and-modifying-websocket-messages)**\)** - ## What are WebSockets WebSocket connections are initiated over **HTTP** and are typically **long-lived**. Messages can be sent in **either direction at any time** and are not transactional in nature. The connection will normally stay open and idle until either the client or the server is ready to send a message. @@ -136,7 +134,13 @@ sudo python3 -m http.server 80 ## Other vulnerabilities -As Web Sockets are a mechanism to **send data to server side and client side**, depending on how the server and client handles the information, **Web Sockets can be used to exploit several other vulnerabilities**: +As Web Sockets are a mechanism to **send data to server side and client side**, depending on how the server and client handles the information, **Web Sockets can be used to exploit several other vulnerabilities like XSS, SQLi or any other common web vuln using input of s user from a websocket.** + +## References + +{% embed url="https://portswigger.net/web-security/websockets\#intercepting-and-modifying-websocket-messages" %} + +\*\*\*\*
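Review bot: In the first hunk (`@@ -1,7 +1,5 @@`), removing the line "Most of the information of this page is from **Portswiggers WebSockets tutorials**" drops the statement that the page's content is largely derived from that source. The bare embed added under References in the second hunk only lists the URL. Consider keeping a one-line attribution at the top, or adding a short sentence next to the embed saying that most of the page is based on the PortSwigger WebSockets tutorials, so readers can still tell a source credit from further reading.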
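Review bot: In the second hunk (`@@ -136,7 +134,13 @@`), the added sentence under "Other vulnerabilities" has a typo and an agreement error: "using input of s user from a websocket" should read "using input of a user from a websocket", and "how the server and client handles" should be "handle". The same sentence writes both "Web Sockets" and "websocket"; pick one spelling, matching the "WebSocket" used in the page's opening section. The trailing `\*\*\*\*` line is an empty escaped bold marker that will render as literal asterisks and should be dropped. Also check that the escaped fragment in `url="https://portswigger.net/web-security/websockets\#intercepting-and-modifying-websocket-messages"` still resolves, since the backslash sits inside the URL attribute rather than in Markdown text. Since the section now names XSS and SQLi directly, it would help to add that data arriving over a WebSocket needs the same validation and output encoding as any other HTTP input, on both the server and the client.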