Skip to content

research.securitum.com

securitum.com vulnerabilities researches and cyber security education publications

  • About us
  • Penetration Testing
  • Contact us

Tag: Hangouts

Security bug in Google Hangouts Chat desktop application – how to make Open Redirect great again

Michał Bentkowski | July 23, 2018September 30, 2019 | Research

A few months ago Google released a new product – Hangouts Chat application, which was surely the answer of the American giant to the ubiquitous Slack. In short, it is a communication platform for teams, where you can simply chat, as well as exchange files, presentations, etc. You can use the Chat both in your …

Read more

Research updates?

We keep your data private and use it only for research updates newsletter. We also hate spam! Read our Privacy Policy.

Check your inbox or spam folder to confirm your subscription.

For more follow us on Twitter!

Follow @securitum_com

Categories

  • Education 33
  • Research 27
  • Uncategorized 1

Tags

Analysis · Apache · Bug Bounty · Bypass · CA · Camera · Car · Card · CCTV · Censys · Cisco · Cordova · Credit Card · Cryptography · CSS · Desktop · dompurify · Google · Google Chrome · Hack · hacking · Hangouts · HTTP · HTTP/2 · IoT · javascript · Linux · Malware · Mozilla Firefox · NMAP · Payment · Paypass · Race Condition · RCE · Reconnaissance · Shodan · Spoofing · SSL · Takeover · Upload · Vulnerability · Web Hacking · XSS · XSSMas · Zoomeye

Archives

  • 2020 10
  • 2019 8
  • 2018 10
  • 2017 18
  • 2016 8
  • 2015 5

Post of the month

18 Nov 2019

XSS in GMail’s AMP4Email via DOM Clobbering

Michał Wnękowicz

Security Research Manager

For this month I propose: "XSS in GMail's AMP4Email via DOM Clobbering" which was nominated to "Top 10 web hacking techniques of 2019" by Portswigger.

READ MORE

Follow us on:

  • LinkedIn
  • Facebook
  • Twitter
  • GitHub

Pages

  • Research Home Page
  • Penetration Testing
  • Privacy Policy
  • About us
  • Contact us

Recent Posts

  • Helping secure DOMPurify (part 1) December 21, 2020
  • Mutation XSS via namespace confusion – DOMPurify < 2.0.17 bypass September 21, 2020
  • Prototype pollution – and bypassing client-side HTML sanitizers August 18, 2020
  • HTML sanitization bypass in Ruby Sanitize < 5.2.1 July 22, 2020
  • Marginwidth/marginheight – the unexpected cross-origin communication channel July 13, 2020
©2021 research.securitum.com
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. You can read more at our Privacy Policy (link below).Ok