Not usual CSP bypass case

Karol Mazurek
5 min readDec 12, 2022

CSP default-src ‘self’ — bypass using the error page.


During one of the penetration tests, I managed to chain three application issues that finally enabled the execution of the Stored XSS vulnerability.

The vulnerability combines three flaws in the application:

  1. Unrestricted file upload.