Cache Poisoning via SelfXSS + Path Parameter
in this write up i will explain to you how i was able to turn self xss To stored xss In JSP Application While searching on webarchive for JSP files of the target i found a file named common.jsp which return the ip of visitor and as everyone else might do i tried to see if i can control it via some headers such x-forwarded-for , fortunately i was able to do that but it's just self-xss so i need t..
카테고리 없음
2021. 8. 28. 09:37