【Shopify 1,600 USD】Staff who only have apps and channels permission can do a takeover account at the wholesale store (Bypass get invitation link) https://hackerone.com/reports/1266828
Intigriti’s November XSS challenge: hacking with Maths and Vuejs. https://medium.com/@pr0fessor/intigritis-november-xss-challenge-writeup-hacking-with-maths-and-vuejs-by-pr0fessor-d6f02902057
Account Takeover Summary https://salmonsec.com/cheatsheet/account_takeover
[BugBounty] XSS with Markdown — Exploit & Fix on OpenSource https://lethanhphuc-pk.medium.com/bugbounty-xss-with-markdown-exploit-fix-on-opensource-1baecebe9645
CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable https://xvnpw.github.io/posts/cve_2021_43557_apache_apisix_path_traversal_in_request_uri_variable/
ReconFTW更新 https://github.com/six2dez/reconftw/releases/tag/v2.1.3
