Parser Inconsistencies

When different parsers parse the same input differently, then application logic vulnerabilities can occur.

JSON Interoperability Vulnerabilities

Excellent article:

An Exploration & Remediation of JSON Interoperability VulnerabilitiesBishop Fox

URL Interoperability Vulnerabilities

Orange Tsai had an excellent presentation about that:

https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf

PreviousServer Misconfigurations NextBypassing WAFs

Last updated 2 years ago

Was this helpful?