[bounty] Akamai Cache Poisoning and a Chrome Universal XSS

Day[0] - A podcast by dayzerosec

Categories:

Had some varied issues this week, a file format allowing JScript for a $20,000 bounty, Akamai Cache Poisoning, Universal XSS in Chrome. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/155.html [00:00:00] Introduction [00:00:26] Two Lines of JScript for $20,000 [00:05:31] Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned) [00:14:10] [Chrome] Universal XSS in Autofill Assistant [00:22:51] Aurora Improper Input Sanitization Bugfix Review [00:31:21] What I learnt from reading 126* Information Disclosure Writeups.