DOM XSS leads to account takeover in octoprint/octoprint
Apr 19th 2022
Proof of Concept
Send this link to an admin.
When the admin opens it and tries to log in, the XSS will pop up.
The attacker is able to capture the admin's cookie and can take over the account.