Stealing passwords from the Glitch fork of Mastodon
US,
Oops...
Stealing passwords from infosec Mastodon - without bypassing CSPThe story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose