The network for creativity
Join 1.25M professional creatives like you
Connect with clients, get discovered, and run your business 100% commission-free
Creatives on Contra have earned over $150M and we are just getting started
Back to feedPost
I discovered a stored cross-site scripting (XSS) vulnerability in a practice web application's comment section that allowed me to inject malicious JavaScript that would execute in any user's browser. By submitting a comment containing a script payload, I successfully stole session cookies from other users and could have hijacked their accounts, performed actions on their behalf, or defaced the website. This finding was documented in a comprehensive report including proof-of-concept screenshots showing cookie theft, CVSS risk scoring of 6.5 (Medium), and step-by-step remediation guidance including input sanitization and output encoding. This assessment demonstrates my ability to find client-side vulnerabilities that can compromise every user visiting the site.
The network for creativity
Join 1.25M professional creatives like you
Connect with clients, get discovered, and run your business 100% commission-free
Creatives on Contra have earned over $150M and we are just getting started
Related posts
When I started cold outreach, I didn’t expect to find so much potential hidden inside old CMS websites.
Most of them aren’t “bad.”
They’re just overloaded, poorly structured, and slowly drifted away from clarity.
Pages pile up, navigation expands, content loses hierarchy — and suddenly a solid business starts underselling itself online.
Cold outreach trained me to see that fast:
not just what looks outdated, but what actually blocks understanding, discovery, and trust.
And that’s why I’ve grown to love legacy work.
Building from scratch is one skill.
But stepping into an existing, messy system and bringing clarity without losing its depth — that’s a completely different craft.
That’s the work I enjoy the most.
Worked on an SEO recovery where multiple blogs were impacted.
✔️ Root cause analysis
✔️ Technical fixes
✔️ Content restructuring across pages
Restored performance and set them up for stronger search visibility.
I'm curious, what’s the toughest SEO issue you’ve faced?
Built a wallet security and transaction simulation platform that protects users from malicious signatures, harmful approvals, and fraudulent on-chain interactions before execution. The project reflects deep technical capability in transaction inspection, security UX, and infrastructure for safer Web3 applications.
Trending
Figma Make
Go from idea to prototype in minutes. What are you designing?
aivideo
AI video tools are moving at warp speed. Which ones are you experimenting with?
illustration
Handcrafted illustration is bubbling up across the web. What are you drawing lately?
aidesignflow
AI tools are redefining design work. What's your current workflow?
freelancerlife
Freelancer life is wins, pivots, and everything in between. What’s yours right now?