Categoría: writeups

Web cache poisoning with multiple headers

Web cache poisoning with an unkeyed cookie

Web cache poisoning with an unkeyed header

Remote code execution via server-side prototype pollution

Bypassing flawed input filters for server-side prototype pollution

Detecting server-side prototype pollution without polluted property reflection

Privilege escalation via server-side prototype pollution

Client-side prototype pollution in third-party libraries

Client-side prototype pollution via flawed sanitization

DOM XSS via an alternative prototype pollution vector