CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

bg-inner

SESSION

09/22 14:00 - 14:30 Threat Research Forum

Attacking Web without JavaScript - CSS injection

When speaking of web security in front-end, XSS is the first thing that comes to mind. But, do you know that we can also attack the web without JavaScript?

I will present an attack vector without JavaScript - CSS injection, which can be used to steal sensitive data on web page, like CSRF token, and give a real world example.

LOCATION Taipei Nangang Exhibition Center, Hall 2 4F 4A LANGUAGE English
SESSION TOPIC Web SecurityWeb Service SecuritySide-chanel Attack

SPEAKER

Cymetrics Cymetrics Security Researcher

Interested in web security, especially XSS, CORS and XSLeaks, currently doing security research and development at Cymetrics.