Thomas Orlita's (@thomasorlita) Twitter Profile
Thomas Orlita

@thomasorlita

web & browser security

websecblog.com

ID: 771288296739762176

Link: https://ThomasOrlita.com
Joined: 01-09-2016 10:07:14

48 Tweets

704 Followers

309 Following

Thomas Orlita (@thomasorlita):

Use Google's CSP Evaluator to find ways to bypass CSP on websites using Angular libraries or JSONP endpoints. #XSS Google VRP (Google Bug Hunters) blog.thomasorlita.cz/vulns/google-c…
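The tweet above points at a class of CSP weakness that is easy to miss by eye: a script-src whitelist that looks tight but contains a host serving JSONP endpoints or a copy of AngularJS, which an attacker with HTML injection can use to load script from an allowed origin. The following is an added example, not code from the tweet, the linked write-up, or Google's CSP Evaluator: a small script-src reviewer in JavaScript that parses a policy and flags 'unsafe-inline', 'unsafe-eval', data:, wildcard hosts, and whitelisted hosts from a constructed list of JSONP/AngularJS hosts. The host list and function names are illustrative assumptions.

```javascript
// Constructed for this example: hosts that serve JSONP endpoints or a copy
// of AngularJS. Allowing such a host in script-src gives an attacker who
// already has HTML injection a whitelisted place to load executable script
// from (a JSONP callback parameter they control, or AngularJS plus a
// template expression), which defeats the whitelist. This list is an
// illustration, not a complete or authoritative dataset.
const JSONP_OR_ANGULAR_HOSTS = [
  "ajax.googleapis.com",
  "www.google.com",
  "cdnjs.cloudflare.com",
];

// Parse a Content-Security-Policy header value into { directive: [sources] }.
function parseCsp(header) {
  const policy = {};
  for (const clause of header.split(";")) {
    const tokens = clause.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const [directive, ...sources] = tokens;
    policy[directive.toLowerCase()] = sources;
  }
  return policy;
}

// Reduce a host-source expression (scheme, host, optional port and path)
// to its host part, lower-cased.
function hostOf(source) {
  const withoutScheme = source.replace(/^[a-z][a-z0-9+.-]*:\/\//i, "");
  return withoutScheme.split("/")[0].split(":")[0].toLowerCase();
}

// Does a CSP host pattern ("*.example.com" or "cdn.example.com") cover host?
function hostMatches(pattern, host) {
  if (pattern.startsWith("*.")) return host.endsWith(pattern.slice(1));
  return pattern === host;
}

// Review the effective script-src (falling back to default-src) and return
// human-readable findings. An empty result means nothing obvious was found,
// not that the policy is sound.
function reviewScriptSrc(header) {
  const policy = parseCsp(header);
  const sources = policy["script-src"] ?? policy["default-src"];
  if (!sources) return ["no script-src or default-src: script loading is unrestricted"];

  const findings = [];
  const hasNonceOrHash = sources.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
  const strictDynamic = sources.includes("'strict-dynamic'");

  for (const src of sources) {
    if (src === "'unsafe-inline'") {
      // When a nonce or hash is present, browsers ignore 'unsafe-inline'
      // (it only remains as a fallback for old browsers), so it is harmless.
      if (!hasNonceOrHash) findings.push("'unsafe-inline' allows any inline script");
    } else if (src === "'unsafe-eval'") {
      findings.push("'unsafe-eval' allows eval()/Function()-style execution");
    } else if (src === "data:") {
      findings.push("data: allows attacker-supplied script via data URIs");
    } else if (src === "*" || /^https?:$/.test(src)) {
      findings.push(`${src} allows scripts from any host`);
    } else if (src.startsWith("'") || strictDynamic) {
      // Keyword sources ('self', nonces, hashes) need no host check, and
      // with 'strict-dynamic' supporting browsers ignore host sources.
      continue;
    } else {
      const host = hostOf(src);
      if (host.startsWith("*.")) {
        findings.push(`${src} lets any subdomain serve scripts`);
      }
      for (const risky of JSONP_OR_ANGULAR_HOSTS) {
        if (hostMatches(host, risky)) {
          findings.push(`${src} allows ${risky}, which serves JSONP endpoints or AngularJS`);
        }
      }
    }
  }
  return findings;
}
```

Running `reviewScriptSrc("script-src 'self' *.googleapis.com")` reports both the wildcard subdomain and the covered JSONP/AngularJS host, while a nonce-based policy with 'strict-dynamic' reports nothing, because supporting browsers then ignore the host list entirely; that is the direction the original CSP Evaluator's recommendations push policies toward.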

Thomas Orlita (@thomasorlita):

Bypassing Firebase authorization to create custom goo.gl subdomains or why not to rely on client-side validation. null.app.goo.gl/vuln #BugBounty

Thomas Orlita (@thomasorlita):

Liking GitHub repositories on behalf of other users thanks to a stored XSS in Google's WebComponents.org #XSS #BugBounty blog.thomasorlita.cz/vulns/stored-x…

Thomas Orlita (@thomasorlita):

How I XSSed Google Code-in thanks to the way they were(n't) escaping JSON data. #BugBounty blog.thomasorlita.cz/vulns/google-c…

Thomas Orlita (@thomasorlita):

How I got access to personal data of a million users (and with the help of an XSS also to credit card numbers). #XSS #BugBounty blog.thomasorlita.cz/vulns/leoexpre…

Thomas Orlita (@thomasorlita):

Combining multiple vulnerabilities to insert malware files into Google Earth Studio ZIP archives of thousands of users. #BugBounty #infosec appio.dev/vulns/google-e…

Thomas Orlita (@thomasorlita):

A write-up about how thanks to a vulnerability in Google's Invoice Submission Tool it was possible to execute a blind XSS on behalf of a Google Employee and get access to Google's invoices and internal sites. #BugBounty #InfoSec #XSS appio.dev/vulns/googlepl…

Thomas Orlita (@thomasorlita):

From a self-XSS to a valid XSS with the help of clickjacking on Google.org's Crisis Map. #BugBounty #InfoSec #XSS appio.dev/vulns/clickjac…

Thomas Orlita (@thomasorlita):

Getting all 32000 email addresses of every registered user on Google.org’s Crisis Map thanks to IDOR and incremental IDs. #BugBounty #InfoSec websecblog.com/vulns/listing-…
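The tweet above describes the classic pairing of an IDOR with incremental IDs: once one record is reachable by guessing its ID, all of them are. As an added example that is not from the tweet or the linked write-up, the JavaScript below builds a constructed in-memory user table, shows a lookup handler with no object-level authorization beside a fixed one, and walks the ID space the way an attacker would. The table contents and function names are assumptions made for illustration.

```javascript
// Constructed sample data: a handful of users with sequential IDs.
const USERS = [
  { id: 1, email: "alice@example.com" },
  { id: 2, email: "bob@example.com" },
  { id: 3, email: "carol@example.com" },
  { id: 4, email: "dave@example.com" },
];

// Vulnerable handler: it trusts the client-supplied id and never checks
// whether the authenticated requester is allowed to read that record.
function getUserInsecure(requesterId, targetId) {
  const user = USERS.find((u) => u.id === targetId);
  return user ? { email: user.email } : null;
}

// Fixed handler: object-level authorization. The requester may read only
// their own record (extend with a role check for admins). Unknown and
// forbidden ids both return null so the response does not reveal whether
// an id exists, which would otherwise still let an attacker count users.
function getUserSecure(requesterId, targetId) {
  if (requesterId !== targetId) return null;
  const user = USERS.find((u) => u.id === targetId);
  return user ? { email: user.email } : null;
}

// What an attacker does against incremental IDs: with a single low-privilege
// account, walk the id space and keep every non-null response. The same loop
// run against the fixed handler yields only the attacker's own record.
function enumerate(handler, requesterId, maxId) {
  const emails = [];
  for (let id = 1; id <= maxId; id++) {
    const record = handler(requesterId, id);
    if (record) emails.push(record.email);
  }
  return emails;
}
```

Switching to random, unguessable identifiers raises the cost of enumeration but does not replace the authorization check: an ID that leaks elsewhere (a URL, a log, a shared link) is still readable by anyone without it.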

Thomas Orlita (@thomasorlita):

Getting confidential information about upcoming Google Cloud products from unrestricted draft blog post images. #BugBounty #InfoSec websecblog.com/vulns/public-g…

FD (@filedescriptor):

Untrusted Types just got a new UI with better filtering options and features thanks to Thomas Orlita! Check it out! github.com/filedescriptor…

Thomas Orlita (@thomasorlita):

Overview of different vulnerabilities in Google's new web-based collaboration tool Threadit: XSS, Clickjacking, ACL bypass, Info leak... #BugBounty #InfoSec websecblog.com/vulns/google-t…

NDevTK (@ndevtk):

Bug write-up for Google Extensions, thanks to Thomas Orlita and others for the help :) ndevtk.github.io/writeups/2023/… This write-up does include some free XSSs; I got bored of waiting.