CVE-2021-43633

Shaun Whorton
Nov 8, 2021

Stored XSS 😲

Comic Sans 😤

On the back of a recent discovery, I felt encouraged to go hunting for some more vulnerabilities in open source software. After some searching, I settled on Messaging Web Application, which is an open-source browser-based messaging application. I unpacked the source, spun up an instance of the application, and started poking at it.

Shaun Whorton

Senior Security Consultant | BSc, MSc, PNPT, CRTP, eCPPT, eCPTX, OSCP, CEH(P)