UofTCTF 2026 - Personal Blog

Web Security challenge involving XSS, session hijacking, and magic link abuse to steal admin cookies