Parser Inconsistencies

When different parsers parse the same input differently, then application logic vulnerabilities can occur.

JSON Interoperability Vulnerabilities

Excellent article:

URL Interoperability Vulnerabilities

Orange Tsai had an excellent presentation about that:

https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf

PreviousServer MisconfigurationsNextBypassing WAFs

Last updated