Honey Security Issues
I discovered three security issues in the Honey coupon app / browser extension leading to user information leaks and privacy issues.
Two issues in the static-eval node module that can lead to remote code execution.
Build project for an IoT Elmo to prank my friend.
How an XSS in the HipChat native OS X application can lead to remote code execution. Two issues exist in Atlassian's HipChat desktop client that allow an attacker to retrieve files or execute remote code...
Google Documents leaks a user's full name and e-mail address via clickjacking of the 'request permissions' dialog in a private doc.
The mobile version of the Flickr site accepts user-controlled input and includes it in the HTML output without proper encoding. This is similar to the bug posted at Abusing CORS for an XSS on Flickr, which is actually very similar to a bug I found on Facebook mobile a few years ago: Facebook XSS via CORS.
In a Facebook FBML application some elements are protected with fb_protected="true". When traversing the elements with getElementsByTagName, sub-elements of the protected element can be accessed.
Facebook allows developers to build applications using the "Canvas". Because canvas apps run on the Facebook domain they use a "Sandbox". This is a subset of HTML called FBML and a limited JavaScript set called FBJS. The sandbox is basically used to try to prevent an attacker from being able to run malicious code.
Facebook also introduced Public Canvas Pages.
HTML 5 does not do much to solve browser security issues. In fact it actually broadens the scope of what can be exploited, and forces developers to fix code that was once thought safe.