#XSS
4 postsBugForge - Weekly - Fur Hire (Mar 14, 2026)
This walkthrough demonstrates a chained attack against a job recruitment application protected by a WAF. The application reflects unsanitised input in the…
XSS WAF Bypass CSRF
Posted on 2026-03-14 09:00 7 min read
BugForge - Weekly - Galaxy Dash (Feb 20, 2026)
This walkthrough demonstrates a stored cross-site scripting (XSS) vulnerability in a delivery booking application where unsanitized user input in the…
XSS Session Hijacking Account Takeover
Posted on 2026-02-20 09:00 5 min read
BugForge - Daily - Ottergram (Jan 24, 2026)
A stored Cross-Site Scripting (XSS) vulnerability was identified in the messaging functionality where user input is rendered using React's…
XSS Oob
Posted on 2026-01-24 20:00 4 min read
BugForge - Weekly - FurHire (Dec 29, 2025)
After creating recruiter and job seeker accounts, a normal job application flow was completed to identify where application status updates are handled. An…
WAF By Pass XSS CSRF
Posted on 2025-12-29 10:15 5 min read