BUG BOUNTY DAY 25 · Host Header Injection · ← Bug Bounty Course Password reset poisoning is one of those vulnerabilities that produces an almost disbelieving reaction the first time you demonstrate it. You send a password reset request for someone else's account, swap the Host header for your Burp Collaborator URL, and thirty seconds later you're watching the victim's reset token arrive in your Collaborator log. No phishing. No social engineering. Just a single HTTP header modification and a…
No comments:
Post a Comment