Blind CSS Data Exfiltration - Make HTMLi great again null Hyderabad Meet 24 February 2024 Monthly meet
Abstract
CSS, an integral part of web development, is usually associated with aesthetics and layout. What can an attacker do with CSS? In this presentation, we will delve into cutting-edge research by community on CSS data exfiltration, unveiling how this technique elevates the seemingly innocuous HTML injection (HTMLi) into a high-impact vulnerability.
Speaker
Manmath Paste works as a security engineer at ServiceNow, specializing in Application Security. He possesses expertise and a keen interest in various areas, including web applications penetration testing, security code reviews, security automation and tooling, threat modeling, security design reviews, and securing cloud-based solutions.
Timing
Starts at Saturday February 24 2024, 12:25 PM. The sessions runs for about 1 hour.