Stumbling into the bug of another

The work of another bug hunter is staring back at you. Is your job half done?


Once, I was testing an API endpoint for XSS and stumbled into the work of another bug hunter. The endpoint received search queries via a GET request on the company’s forum page. When I injected my payload to see how the server would react, I noticed that the JSON data in the…




Writer, Web Developer, Hacker, and Family man

Adam W.
