Back to directory
WRITEUP #6251

Cracking the lens: targeting HTTP's hidden attack-surface

XSSReflected XSSSSRF
by@albinowax(James Kettle)
Bounty
33,000
Program
Yahoo! / Verizon MediaBTNew Relic
Published
Jul 27, 2017
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://portswigger.net/research/cracking-the-lens-targeting-https-hidden-attack-surface
RELATED WRITEUPS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCEConfusion attack
Canary Token OSS Security Audit Report (Q2 2024)
XSSDoS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Self-XSS to ATO via Site Features
XSSSelf-XSS

Built with ❤️ by Shubham Rawat