Hey folks, Nauman Khan back in action! Today, we’re diving into the depth of XSSRF — where Server-Side Request Forgery (SSRF) meets Cross-Site Scripting (XSS).
Let's learn how I was able to turn an Informative (P5) SSRF into a High (P2) severity vulnerability and got $$$ for it.
Vulnerable Functionality:
- The web app provides users with an intuitive page creation wizard for marketing campaigns.
- A standout feature allows users to seamlessly integrate external pages into their marketing content.