XS-Leaks Wiki # Overview # Cross-site leaks (aka XS-Leaks, XSLeaks) are a class of vulnerabilities derived from side-channels 1 built into the web platform. They take advantage of the web’s core principle of composability, which allows websites to interact with each other, and abuse legitimate mechanisms 2 to infer information about the user. One way of looking at XS-Leaks is to highlight their similarity with cross-site request forgery (CSRF 3) techniques, with the main difference being th...| XS-Leaks Wiki
Brave has identified a new category of tracking vulnerability, forms of which are present in all browsers. We call this category of attack “pool-party” attacks because the attack uses collections (or “pools”) of limited-but-shared resources to create side channels.| Brave