/r/Slackers
As the report is finally public, you can read about the discoveries, which led to the Electron Framework adding the ContextIsolation option.
All the credits belong to masato :)
https://drive.google.com/file/d/1LSsD9gzOejmQ2QipReyMXwr_M0Mg1GMH/view
Grrrr, Reddit archives posts after 6 months (even if sticky), so here is a new challenge thread. To post a challenge, please follow the following format:
Creator:
Challenge:
Solution:
Rules:
The old challenge thread is available here:
https://www.reddit.com/r/Slackers/comments/ebcg8z/the_challenge_thread/
Recently I created a repo to collect all cool, but tiny, XSS payloads that I knew of.
https://github.com/terjanq/Tiny-XSS-Payloads
Please contribute if you know of any other cool tricks you can do, or if you know about authors of payloads already included there: https://github.com/terjanq/Tiny-XSS-Payloads/blob/master/payloads.js