achievement_unlocked
@crash ha resuelto
Client-Side Permission Bypass + SVG XSS + Cookie Theft
BBLABS.ESLab Resuelto
DifícilVDP
// achievement_unlocked
Client-Side Permission Bypass + SVG XSS + Cookie Theft
Business Logic
may 2026
CR
solved_by@crashMiembro desde may 2026
bblabs.es// real bug bounty practice
dificultad
Difícil
posición
#7
completados
9
sobre_el_hacker
El track record de @crash
labs resueltos
10
flags capturadas
2
// últimos labs resueltos
Media$750
Stored XSS via SVG File Upload
may 2026
FácilVDP
Path Traversal via Avatar Upload
jun 2026
FácilVDP
12 DOM XSS Parameters for Automated Scanning
jun 2026
FácilVDP
Mass Assignment Privilege Escalation
jun 2026
FácilVDP
Mass Assignment Privilege Escalation Lab
jun 2026
FácilVDP
Stored XSS in Post Body
jun 2026