Facebook pays out $25k bug bounty for chained DOM-based XSS
Researcher awarded five-figure sum for ‘easy to exploit’ bug
11 Nov 2020 ... alpha.facebook.com returned this domain as targetOrigin. This prompted
Sammouda to look for pages containing an Eventlistener that only ...