[Omise] XSS via X-Forwarded-Host header ($200 USD)
Original Post:
We discussed this vulnerability during Episode 115 on 31 January 2022
Exactly as the title puts it, cross-site scripting through content injected from the X-Forwarded-Host
header. Its interesting that this one was paid out as without some other issue like cache poisoning it would be impossible as far I am aware to exploit this as you cannot control the headers of a random user’s requests.