Back to directory

WRITEUP #67

Authorization bypass due to cache misconfiguration

APIAuthorization bypassAccess control bypassGraphQL

by@rikeshbaniya(Rikesh Baniya)

Bounty

2,000

Program

-

Published

Aug 21, 2024

Added to HackDex

Aug 22, 2024

Read Full Writeuphttps://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d

▸ RELATED WRITEUPS

The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover

The Hunt for ALBeast: A Technical Walkthrough

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies

OtherWeb cache poisoning

Exploiting Broken Authentication Control In GraphQL

Built with ❤️ by Shubham Rawat