Transforming Self-XSS Into Exploitable XSS

This blog is describes an attempt by a security researcher to exploit a Cross-site Scripting (XSS) vulnerability. It explains the importance of template strings in XSS filtering, how to overcome the document.domain issue, and the discovery and exploitation of Self-XSS, with reading suggestions.

A Pentester's Guide to Cross-Site Scripting (XSS)

Reflected Cross Site Scripting (r-XSS), by Christopher Makarem, IOCSCAN

Self-XSS upgrade? - Solution to December '22 XSS Challenge

Turning Self-XSS into non-Self Stored-XSS via Authorization Issue at “PayPal Tech-Support and Brand Central Portal”, by YoKo Kho

What is a Cross-Site Scripting (XSS) attack: Definition & Examples

Cross Site Scripting Prevention】Protect and Prevent XSS

AirBnb Bug Bounty: Turning Self-XSS into Good-XSS #2, Geekboy

Self XSS to Account Takeover. Exploiting Self Stored XSS to escalate…, by Ch3ckM4te

Applied Sciences, Free Full-Text

A client‐server JavaScript code rewriting‐based framework to detect the XSS worms from online social network - Gupta - 2019 - Concurrency and Computation: Practice and Experience - Wiley Online Library