Web - Client
Monday 17 October 2022, 08:04 #1
Web - Client - XSS - Stored 1
Hello, I get the cookie of the logged in user and send it with an ajax request to an external server. But it only works with me as a user. Even when the site tells me that my messages have been read, I do not receive any new request on the external server. What more should I do ?
Monday 5 June 2023, 18:50 #2
Web - Client - XSS - Stored 1
Yeap, the challenge is still buggy.
I tried two different methods:
1. I sent the user’s cookies to the same chat section of the page. but it only works on my own cookies(as if no admin is visiting the page).
2. I used an external service to capture requests, and then sent a GET request to that service containing the cookies, which did not work(as If no admin is visiting the page).