Kailash bio photo

Kailash

Information security Practitioner

Twitter LinkedIn Github

Recent Posts

GraphQL IDOR in Facebook streamer dashboard.

While viewing our stream dashboard data from creator studio, there is an endpoint from where we can see our dashboard status. There is parameter called profile_id which can be misused to access dat...

CVE-2020-10596

Authenticated Stored Cross Site Scripting (XSS) in OpenCart 3.0.3.2.