Can Arbitrary Code Execution be done using CSS Injection?
As part of our class project, we are studying the attacks that could be done using CSS Injection. In our threat model, attacker can manipulate any CSS file on the server. If attacker replaces original CSS file with a maliciou… Continue reading Can Arbitrary Code Execution be done using CSS Injection?