Unleashing the power of CSS injection: The access key to an internal API
In this write-up, we will be explaining a vulnerability that was discovered in an online accounting application. The vulnerability was a CSS injection flaw that could be exploited in the application’s PDF generator. We will explain to you how we discovered the vulnerability and how we were able to exploit it to get internal API access. Temporarily unavailable… We hope you found this write-up entertaining, informative and interesting to read. Thank you for your attention.