Blogs

New XSS vector vulnerability in ReaderMode with %READER-TITLE-NONCE% in Brave Browser (patched)

Target: Brave Software

Title: New XSS vector in ReaderMode with %READER-TITLE-NONCE%

Summary: Previously, script execution in ReaderMode pages was prohibited by CSP. However, three months ago, this commit partially relaxed the CSP and scripts with nonce-%READER-TITLE-NONCE% are now allowed to be executed. This relaxation of the CSP rule can be exploited for XSS attacks on ReaderMode pages. Here, the attack vector is %READER-CREDITS% which is also included in the ReaderMode HTML template. The %READER-CREDITS% is replaced with the value of the <meta name="auth

External Service Interaction vulnerability discovered in the U.S. Department of Defense (now patched)

Target: U.S. Department of Defense

Summary

An External Service Interaction vulnerability (DNS and HTTP) was identified on the domain www.█████████.

Burp Collaborator Results:

DNS request received from: ████████
HTTP request received from: ███

Impact

The External Service Interaction vulnerability occurs when an attacker can induce an application to interact with arbitrary external services such as DNS or HTTP. This can also extend to other services like FTP, SMTP, etc.

Potential impacts include:

DDoS Attacks: Exploiting the interaction to flood external