How to Bypass CSP by Hiding JavaScript in a PNG Image

Hide a malicious JavaScript library in a PNG image and tweet it, then include it in a vulnerable website by exploiting a XSS bypassing its Content-Security-Policy (CSP). Read more

Similar