XSS Filter Bypass via Cookie Injection to Extract Stored Credentials
GWCTF 2019 - mypassword Challenge Walkthrough Challenge Overview The challenge presents a login interface with registration functionality. Upon logging in, a message indicates that SQL injection is not the intended attack vector. The interface includes a feedback submission form. Initial Analysis Th...