Lab link.
We can perform an SSRF attack by using a parameter that is vulnerable to open redirection.
The request that performs the redirect is “GET /product/nextProduct?currentProductId=4&path=”. We edit this request to carry our payload and send it as the stockApi value used in the check stock process.
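The defensive counterpart to the request above, as an added example that is not part of the original post or the lab: a stock checker that does not follow redirects automatically and re-validates every hop, so a redirect through the `path` parameter cannot leave the allowed host. The hosts `shop.example` and `internal.example`, the helper names, and the `fake_send` stub are assumptions constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit, parse_qs

ALLOWED_HOSTS = {"shop.example"}   # assumption: only host stockApi may reach
REDIRECT_CODES = (301, 302, 303, 307, 308)
MAX_REDIRECTS = 3

class BlockedURL(Exception):
    """Raised when a URL (initial or redirect target) fails validation."""

def check_url(url):
    # Allow only http(s) to an allow-listed host; urlsplit lowercases hostname.
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or parts.hostname not in ALLOWED_HOSTS:
        raise BlockedURL(url)
    return url

def fetch_stock(stock_api, send, base="http://shop.example/"):
    """Resolve stockApi against the shop and validate each redirect hop.

    send(url) must issue ONE request without following redirects
    (e.g. allow_redirects=False in requests) and return
    (status, headers, body).
    """
    url = check_url(urljoin(base, stock_api))
    for _ in range(MAX_REDIRECTS + 1):
        status, headers, body = send(url)
        if status not in REDIRECT_CODES:
            return body
        # The Location header is attacker-influenced: validate it like input.
        url = check_url(urljoin(url, headers.get("Location", "")))
    raise BlockedURL("too many redirects")

def fake_send(url):
    # Constructed stand-in for the network. It models an endpoint that
    # redirects to whatever the path parameter contains (open redirect).
    parts = urlsplit(url)
    if parts.path == "/product/nextProduct":
        target = parse_qs(parts.query).get("path", ["/"])[0]
        return 302, {"Location": target}, ""
    return 200, {}, "stock: 42"

if __name__ == "__main__":
    print(fetch_stock("/product/stock/check?productId=4", fake_send))
    try:
        fetch_stock("/product/nextProduct?currentProductId=4"
                    "&path=http://internal.example/", fake_send)
    except BlockedURL as exc:
        print("blocked redirect to", exc)
```

Validating only the initial stockApi value is not enough here, because the first URL stays on the allowed host and the off-host destination appears only in the `Location` header.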
Hello, I am Aleyna Doğan. I work as a Sr. Cyber Threat Intelligence Analyst. In my blog, we write blog posts that my friends and I want to share. Have a good read.