tl;dr
- XSS using hx- attribute to fetch the flag from /api/note/flag.
tl;dr
tl;dr
tl;dr
tl;dr
headers.set
/?user=
to Get XSS at /helloworld
/?user=<PAYLOAD>
and /helloworld
using cache poison or bug in regex(uninteded)tl;dr
/profile/
will not change the nonce tl;dr
tl;dr
tl;dr
tl;dr
LOAD
and S_TYPE
opcodes lead to OOB when addr > DRAM_BASE+DRAM_SIZE
tl;dr