↓ Skip to main content

Joe Bollen Security

Home

Blog

Topics

Home
Blog
Topics

Posts

2023

Bypassing Samesite Cookie Restrictions with Method Override

30 July 2023·665 words·4 mins

Bug Bounty CSRF

Data exfiltration via Indirect Prompt Injection in ChatGPT

10 July 2023·899 words·5 mins

AI Security Prompt Injection

2022

Finding Unblocked Vectors for XSS

28 July 2022·346 words·2 mins

XSS Bug Bounty Burp Suite

2021

Escalating Reflected XSS with HTTP Smuggling

11 February 2021·421 words·2 mins

HTTP Smuggling XSS Bug Bounty

CORS Blimey

28 January 2021·1264 words·6 mins

CORS XSS Bug Bounty

←
1
2
3

Yes, it’s a real three-body problem simulation