Abstract

CSS, an integral part of web development, is usually associated with aesthetics and layout. What can an attacker do with CSS? In this presentation, we will delve into cutting-edge research by community on CSS data exfiltration, unveiling how this technique elevates the seemingly innocuous HTML injection (HTMLi) into a high-impact vulnerability.

Speaker

Manmath Paste

Manmath Paste works as a security engineer at ServiceNow, specializing in Application Security. He possesses expertise and a keen interest in various areas, including web applications penetration testing, security code reviews, security automation and tooling, threat modeling, security design reviews, and securing cloud-based solutions.

Timing

Starts at Saturday February 24 2024, 12:25 PM. The sessions runs for about 1 hour.

Resources