Attacking Web without JavaScript - CSS injection

CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

09/22 14:00 - 14:30 Threat Research Forum

Attacking Web without JavaScript - CSS injection

When speaking of web security in front-end, XSS is the first thing that comes to mind. But, do you know that we can also attack the web without JavaScript?

I will present an attack vector without JavaScript - CSS injection, which can be used to steal sensitive data on web page, like CSRF token, and give a real world example.

LOCATION Taipei Nangang Exhibition Center, Hall 2 4F 4A LANGUAGE English

SESSION TOPIC Web SecurityWeb Service SecuritySide-chanel Attack

SPEAKER

Cymetrics Cymetrics Security Researcher

Interested in web security, especially XSS, CORS and XSLeaks, currently doing security research and development at Cymetrics.

CYBERSEC EXPO

CYBERSEC EXPO

Cyber Taiwan Pavilion

Cyber Taiwan Pavilion

Asia Cyber Channel Summit

Asia Cyber Channel Summit

09/22 14:00 - 14:30 Threat Research Forum

Attacking Web without JavaScript - CSS injection

SPEAKER