Transforming Self-XSS Into Exploitable XSS

This blog is describes an attempt by a security researcher to exploit a Cross-site Scripting (XSS) vulnerability. It explains the importance of template strings in XSS filtering, how to overcome the document.domain issue, and the discovery and exploitation of Self-XSS, with reading suggestions.

Evaluation and monitoring of XSS defensive solutions: a survey, open research issues and future directions

Bug Bytes #10 - Command Injection, Sublert by @yassineaboukir & Bypassing XSS Detection - Intigriti

Differences of Stored XSS and Reflected XSS

How to Prevent Cross-Site Scripting (XSS) in JavaScript

Cross Site Scripting Prevention】Protect and Prevent XSS

Weaponizing self-xss - NetSPI

Applied Sciences, Free Full-Text

Turning Self-XSS into non-Self Stored-XSS via Authorization Issue at “PayPal Tech-Support and Brand Central Portal”, by YoKo Kho

Applied Sciences, Free Full-Text

How I leveraged an interesting CSRF vulnerability to turn self XSS into a persistent attack?, by Akash Methani

XSS on Google Search - Sanitizing HTML in The Client? : r/programming

Dealing with cross-site scripting issues

Non-Persistent Cross-site scripting: Non-persistent XSS

Multi-agent architecture of a scanner to detect stored–XSS vulnerabilities

Reflected–XSS vulnerability scanner