When researching another website I discovered a XHR request on my Google Inspector on Linkedin that seemed interesting: https://www.linkedin.com/countserv/count/share?url=http://www.site_i_was_in.pt Basically it was the request made […]
DOM XSS in all Condé Nast sites network
For those who don’t know Condé Nast: Condé Nast, a division of Advance Publications, is a mass media company headquartered at One World Trade Center […]
Google Reflected Filename Download
I found a critical issue on Google that can be used by malicious users to hijack victims computer using Google domain as platform and trust […]
ArubaNetworks Avatar Image XSPA
I found out that was possible to run a XSPA [Cross Site Port Attacks] using Avatar URL option on any registered community profile. XSPA allows attackers […]
Desk.com Reflected Filename Download
Who is Desk.com? Salesforce Desk.com help desk software offers small businesses an all-in-one customer service software solution that will help keep customers happy and loyal. […]