Videos

Sat
25
Oct
Editorial_Staff_Team's picture

Google Youtube - Persistent Cross Site Vulnerability (Demonstration Video)

Google Youtube - Persistent Cross Site Vulnerability (Demonstration Video)

The independent vulnerability laboratory researcher jasminder pal has discovered a persistent cross site scripting vulnerability in the official google - youtube web-application ui. Google security send a reward of 1337$ to the researcher that discovered the vulnerability during the official bug bounty program. By usage of a filter bypass evasion method the issue became exploitable in different application layers that are connected to the vulnerable values.

Wed
15
Oct
Editorial_Staff_Team's picture

Parallels Plesk v11.5.x - URL Protection Filter Bypass (Video Demonstration)

Parallels Plesk v11.5.x - URL Protection Filter Bypass Vulnerability

The video has been recorded during the pentest session of ismail kaleem in the official parallels plesk hosting panel application. The video demonstrates how to bypass the url filter protection for malicious requests to execute malicious urls. The vulnerability is already patched by the parallels dev team.

The advisory of the vulnerability is not publicly available because the team participated in a silent security program of the laboratory.

Pages

Subscribe to RSS - Videos