Catch-up on Flash XSS exploitation – bypassing the guardians! – Part 1

Simple Security Tip: window.location = window.location.pathname can cause Open-Redirect issue!

Microsoft XMLDOM in IE can divulge information of local drive/network in error messages – XXE

IE/Firefox Redirection Issue – FB Oauth2 Bypass – BugCrowd

File in the hole! – HackPra slides

XSS by uploading/including a SWF file

Don’t trust a string based on TryParse or IsNumeric result! (.Net/VBScript)

IE9 Self-XSS Blackbox Protection bypass

Microsoft IIS tilde character “~” Vulnerability/Feature – Short File/Folder Name Disclosure

Browsers Anti-XSS methods in ASP (classic) have been defeated!