Tags › Application Security

Abusing SIP for Cross-Site Scripting? Most definitely!

SIP can be used as an attack vector for cross-site scripting (XSS), potentially leading to unauthenticated remote compromise of critical systems. This writeup explores how persistent backdoor administrative access was obtained by sending malicious SIP messages to VoIPmonitor GUI.…