Bug Bounty Writeups

Security Research | Bug Bounty | Personal Blog

Writeups

Account Takeover via Self-XSS Chained with CSRF

Chaining a Self-XSS vulnerability with a CSRF email update flaw led to full account takeover.

XSS CSRF High 2026/02/26

IDOR via UUID – User Chat Leakage and Deletion

Improper object validation allowed access to and deletion of other users’ AI chats.

IDOR Medium 2026/02/01

Contact

Email: Shinigamiuniq@gmail.com