LinkedIn: Persistent XSS (unvalidated Open Graph embed) at LinkedIn.com

This report was previously published on Medium.com/@JonathanBouman. Follow me on Twitter or Medium for new reports. F361972 Proof of concept Background In my previous report we learned more about a special type of the persistent XSS attack; the unvalidated oEmbed attack. This attack allows us to...