PortSwigger-Labs 10
- PortSwigger Labs - Business logic - Missing validation of negative quantities Jul 14, 2021
- PortSwigger Labs - Business Logic - Excessive trust in client side controls Jul 14, 2021
- PortSwigger Labs - XXE to SSRF to exfiltrate EC2 instance metadata Jul 13, 2021
- PortSwigger Labs - Simple XXE to retrieve sensible files Jul 13, 2021
- PortSwigger Labs - CSRF with no defenses Jul 13, 2021
- PortSwigger Labs - Stored XSS to CSRF to change users email Jul 4, 2021
- PortSwigger Labs - Stored DOM XSS Jun 28, 2021
- PortSwigger Labs - Reflected XSS with some SVG markup allowed Jun 27, 2021
- PortSwigger Labs - Reflected XSS with event handlers and href attributes blocked Jun 23, 2021
- PortSwigger Labs - Reflected XSS into HTML context with all tags blocked except custom ones Jun 23, 2021