#cspt — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cspt, aggregated by home.social.
-
1️⃣ Starting things off is Maxence Schmitt's research on abusing #CSPT to perform CSRF attacks. Because of its ability to bypass most modern defensive techniques the ubiquity of this vulnerability can't be overstated.
-
Taking his previous research to the next level, our Maxence Schmitt explores how to bypass various upload restrictions to exploit client-side path traversal. Read about it in our latest blog post today!
-
👿Eval Villain update - available now! Recent improvements: #CSPT sink detection, addEventListener sync & needle and copy/paste injection exporting, along with bug fixes & improved usability. Install today!