Open rliebig opened 11 years ago
It's perfectly fine for a web application to allow multiple instances of the same key in a query string. The vulnerability here is either
In many cases, the actual vulnerability is something else entirely; it is insufficient encoding. When user input ends up in an URL, it must be URL-encoded first, and then HTML-encoded.
HTTP Header Pollution is a attack where a HTTP Parameter(Post and GET) is repeated again. As example,
http://localhost/xss?username=nowhere&username=shown
. The only valid response would be a error, however it isn't some pages only return the last/first occurence of this string. This should be checked.Intresting Links: