postMessage() II

This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the Origin.

PRO | Medium | < 1 Hr. | 1104 | Orange Badge
Course

This course covers the exploitation of an application using addEventListener() without verifying the origin of the message. By understanding and leveraging the postMessage method, you will learn how to get an administrator to leak confidential information via the "Sharing" functionality.

Skills covered
Injection, Authentication, Client Side
Included with PRO
Full course content, 2 videos, Common mistakes
