Type of vulnerability that allows an attacker to gain unauthorized, full control of the victim's account without any need for credentials, by exploiting an authentication flaw in the application.
allows an attacker to take full control of a victim's account without requiring any passwords by exploiting an authentication fault in the application.
pollutes the HTTP parameters of a web application in order to perform or achieve a specific malicious task.
Example: Reset password or Send OTP.
While sending an OTP or reset link there are params like ph_no, email_id:
ph_no=1234567890&ph_no=0000124563
[email protected]&[email protected]
using host header functionality. To create the password reset link, the application takes the domain given in the Host header and appends the password reset token to it.
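A server-side check for the two reset-flow weaknesses described above (a repeated ph_no or email_id parameter, and a reset link built from the Host header), as an added example that is not from the original page. The origin, allowed host, /reset path and all function names are assumptions made for illustration.

```python
from urllib.parse import parse_qsl, quote

# Assumption: the link origin comes from server configuration, never the request.
CANONICAL_ORIGIN = "https://app.example.test"   # hypothetical deployment origin
ALLOWED_HOSTS = {"app.example.test"}            # hypothetical allow-list


class RejectedRequest(ValueError):
    """Raised when a reset/OTP request is ambiguous or comes via an unknown host."""


def parse_reset_params(raw_body: str) -> dict:
    """Parse a form body and refuse any parameter name that appears twice.

    parse_qsl percent-decodes names first, so ph_no and ph%5Fno count as
    the same parameter and cannot be used to slip a second value through.
    """
    params = {}
    for name, value in parse_qsl(raw_body, keep_blank_values=True):
        if name in params:
            raise RejectedRequest(f"duplicate parameter: {name}")
        params[name] = value
    return params


def build_reset_link(token: str) -> str:
    """Build the link from the configured origin; the Host header is not used."""
    return f"{CANONICAL_ORIGIN}/reset?token={quote(token, safe='')}"


def handle_reset_request(raw_body: str, host_header: str, token: str):
    """Return (recipient, link) for a well-formed request, else raise."""
    if host_header.strip().lower() not in ALLOWED_HOSTS:
        raise RejectedRequest("unexpected Host header")
    params = parse_reset_params(raw_body)
    if "email_id" not in params:
        raise RejectedRequest("email_id missing")
    return params["email_id"], build_reset_link(token)


if __name__ == "__main__":
    # Constructed sample requests.
    print(handle_reset_request("email_id=user%40example.test", "app.example.test", "t0k"))
    try:
        parse_reset_params("ph_no=1234567890&ph_no=0000124563")
    except RejectedRequest as exc:
        print("rejected:", exc)
```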
therefore the attacker proceeds to edit the parameters in the following way:
{"email":"[email protected]","password":"new_passwd","confirmPassword":"new_passwd"}
The attacker has changed the email parameter, simply replacing the attacker's email with the victim's email.