Posts Tagged "bug bounty"

How I found DOM XSS via postMessage on Bing.com - Microsoft Bug Bounty

The website Bing.com has message event listeners. I found a feature that listens for postMessage with two arguments to update the User header bar with the user's points badge. The following are the steps I took to find the DOM XSS.