Tomorrowland SSO postMessage Origin Bypass — PoC

Researcher: cycyx24 (Intigriti) — authorised testing

Attacker origin:

Target: https://login.tomorrowland.com/ (loaded in hidden iframe below)

Status: initialising...

Captured postMessages from login.tomorrowland.com:

(waiting...)