Stored XSS via Sanitizer Bypass


On October 31, 2021, I discovered Stored XSS throught bypass Sanitizer in Since the backend code of the Kakao Mail service is not open source, it was bypassed by guessing based on the return value.

How to find and exploit

Not authorized

Proof of Concept

Not authorized