ITSLEARNING VULNERABILITY STORIES – One more stored XSS

Itslearning vulnerability stories episode 3 is here. I want to add another stored xss to itslearning vulnerabilities list. Let’s do it! This is an interesting vulnerability that triggers stored XSS. Itslearning has a kind of document sharing feature that helps people to share files to each other. Normally, when you click the file, system automatically…


ITSLEARNING XSS PART 2

Today I want to explain you how I can still be able to execute javascript payloads on Itslearning education syste. Itslearning XSS part 2 begins! You should check the part 1 of this article. ITSLEARNING STORED XSS VULNERABILITY OR NOT? Mr. Håkon Høydal, wrote an article about Itslearning. After that Itslearning, did some things to filter…


SMARTSHEET XSS VIA FILE UPLOAD

Hi, today I want to explain XSS vulnerability that I found on Smartsheet.com. Smartsheet XSS vulnerability is an interesting vulnerability because it occurs via file upload! By the way I want to clarify that, this XSS works with or without authorization, so it is dangerous vulnerability as well as interesting. What is Smartsheet and more…


-------------------------------------------------------------------------------------------------------------------------Mustafa Kemal Can-------------------------------------------------------------------------------------------------------------------------