Back to directory

WRITEUP #3080

Stealing administrative JWT's through post auth SSRF (CVE-2021-22056)

SSRFCSRF

by@infosec_au(Shubham Shah)

Program

VMware

Published

Jan 17, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.assetnote.io/2022/01/17/workspace-one-access-ssrf/

▸ RELATED WRITEUPS

Vulnerabilities in Homepage Dashboard

Directory Traversal, SQL Injection and Server-Side Request Forgery

SQL InjectionPath traversal

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

IIS welcome page to source code review to LFI!

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Built with ❤️ by Shubham Rawat