How DOM Based XSS Attacks work
![kassem on Twitter: "Yay, I was awarded a $500 bounty on @Hacker0x01! Bug: Dom based XSS using the swagger ui by [?configUrl=] parameter Tips: ?configUrl=https://t.co/eBpP5NrCqC https://t.co/573zhTCbKG #TogetherWeHitHarder" / Twitter](https://pbs.twimg.com/media/FkiHSDCXoA0IzCu?format=jpg&name=large "kassem on Twitter: \"Yay, I was awarded a $500 bounty on @Hacker0x01! Bug: Dom based XSS using the swagger ui by [?configUrl=] parameter Tips: ?configUrl=https://t.co/eBpP5NrCqC https://t.co/573zhTCbKG #TogetherWeHitHarder\" / Twitter")
kassem on Twitter: "Yay, I was awarded a $500 bounty on @Hacker0x01! Bug: Dom based XSS using the swagger ui by [?configUrl=] parameter Tips: ?configUrl=https://t.co/eBpP5NrCqC https://t.co/573zhTCbKG #TogetherWeHitHarder" / Twitter
Automating Discovery and Exploiting DOM (Client) XSS Vulnerabilities using Sboxr — Part 2 | by Riyaz Walikar | Appsecco
Persistent DOM-based XSS in help.twitter.com via localStorage | Persistent DOM-based XSS in help.twitter.com via localStorage Awarded: 1.120$ https:// hackerone.com/reports/297968 | By Nullwatch 0x2. | Facebook
March 2017 | HackerOne Platform Documentation
HackerOneDB/XSS.md at master · BugHunterID/HackerOneDB · GitHub
Cross-site scripting: How to go beyond the alert | TechBeacon
Hackerone-Report/TOPXSS.md at master · marz-hunter/Hackerone-Report · GitHub
Integrate HackerOne directly into your website with Embedded Submissions | HackerOne
What Bypassing Razer's DOM-based XSS Patch Can Teach Us - EdOverflow
PostMessage Vulnerabilities. Part II · Jorge Lajara Website
Transforming Self-XSS Into Exploitable XSS | Invicti
Finding DOM Polyglot XSS in PayPal the Easy Way | PortSwigger Research
DOM Invader - Packt - SecPro
Hacking Swagger-UI - from XSS to account takeovers
26 Cross Site Scripting ( XSS ) Bug Bounty Reports - Bug Bounty Guide
Tale of my First XSS. Hi guys, So I would like to start this… | by Aditya Soni | InfoSec Write-ups
Learn about Cross Site Scripting (XSS) | BugBountyHunter.com
May 2017 | HackerOne Platform Documentation
%20attack%20Preview.png "A7: Cross-Site Scripting (XSS) 💻 - Top 10 OWASP 2022")
A7: Cross-Site Scripting (XSS) 💻 - Top 10 OWASP 2022
How I found a Stored XSS vulnerability in Hackerone Program - Pintu Solanki - Medium
버그바운티(Bug Bounty) Write-up / DOM Based XSS ($500) — 보안과 개발을 다 하고싶은 욕심쟁이
Vulnerability Disclosure Program (VDP) | HackerOne
Hacker Spotlight: Interview with edduu | HackerOne
Introducing DOM Invader: DOM XSS just got a whole lot easier to find | Blog - PortSwigger
