Account hijacking using “dirty dancing” in sign-in OAuth-flows

bug bounty Detectify Crowdsource Frans Rosén OAuth postmessage XSS

Popular tags XSS Detectify Crowdsource Frans Rosén bug bounty Detectify

Cloudkit Detectify Crowdsource Frans Rosén iOS

Hacking CloudKit – How I accidentally deleted your Apple Shortcuts

Frans Rosén / September 13, 2021

Frans Rosén load balancer Mathias Karlsson middleware vulnerabilities misconfigurations Nginx

Frans Rosén / February 18, 2021

Auditor Cross Site Scripting Frans Rosén HTTPS Everywhere Linus Särud validation

September 4, 2018

AWS bug bounty Frans Rosén Google Cloud s3 buckets

August 2, 2018

Chrome Chrome extensions Facebook Frans Rosén XSS

August 31, 2017

AWS bug bounty Frans Rosén privacy XSS

July 13, 2017

bug bounty Frans Rosén Github Mathias Karlsson

June 15, 2017

Frans Rosén postmessage Slack

February 28, 2017

bug bounty Fastly Frans Rosén Heroku Mathias Karlsson

October 24, 2016

1 2 Next »