On-site Request Forgery

OSRF is a class of vulnerability in which an attacker is able to influence clients to send crafted requests to a destination of the attacker's choosing on behalf of the vulnerable application. That is, the client sends a request to the attacker-chosen URL carrying the application's own Referer and/or Origin.…
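An added example, not code from the original post, that models the behaviour the excerpt describes with constructed data: a page on the hypothetical origin https://app.example reflects an attacker-controlled value into an HTML attribute, the victim's browser then requests an attacker-chosen URL from that page, and because the request originates on the application's own page it carries the application's Referer and passes a Referer-based CSRF check. The page, endpoint, payload and session token are all invented for the illustration.

```javascript
// Added example for this page, not code from the original post. It models
// on-site request forgery (OSRF) with constructed data: a page on the
// hypothetical origin https://app.example reflects an attacker-controlled
// value into an HTML attribute; the victim's browser then requests an
// attacker-chosen URL *from that page*, so the request carries the
// application's own Referer and passes a Referer-based CSRF check.

const APP_ORIGIN = 'https://app.example';

// Vulnerable rendering (hypothetical): the display name is placed in an
// attribute without escaping, so a quote in the value breaks out of it.
function renderProfileVulnerable(displayName) {
  return `<div class="profile" title="${displayName}">Hello</div>`;
}

// Hardened rendering: escape the HTML-significant characters before use.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}
function renderProfileFixed(displayName) {
  return `<div class="profile" title="${escapeHtml(displayName)}">Hello</div>`;
}

// Stand-in for the browser's parser: the src of every <img> the page would
// load. (Real browsers also load srcset, CSS url(), <link>, etc.)
function imgRequests(html) {
  const urls = [];
  const re = /<img\s[^>]*?src\s*=\s*"([^"]*)"/gi;
  let m;
  while ((m = re.exec(html)) !== null) urls.push(m[1]);
  return urls;
}

// Stand-in for the browser's network layer: a GET triggered by markup on
// pageUrl. The target here is same-origin, so the default referrer policy
// sends the full page URL as Referer.
function browserGet(pageUrl, src) {
  const target = new URL(src, pageUrl);
  return {
    method: 'GET',
    url: target.pathname + target.search,
    query: Object.fromEntries(target.searchParams),
    headers: { referer: pageUrl },
  };
}

// Server-side "CSRF defence" that only checks where the request came from.
function refererCheck(req) {
  const ref = req.headers.referer || '';
  return ref === APP_ORIGIN || ref.startsWith(APP_ORIGIN + '/');
}

// Token-based defence: the state-changing endpoint requires the session's
// anti-CSRF token, which the injected markup has no way to include.
function tokenCheck(req, session) {
  return req.query.csrf !== undefined && req.query.csrf === session.csrf;
}

// End to end: attacker payload -> rendered page -> browser requests -> server
// decisions. Returns one result per request the page would trigger.
function demo(render) {
  const session = { csrf: 'c3f2a9e1' }; // constructed per-session token
  const payload = '"><img src="/transfer?to=attacker&amount=1000"><div x="';
  const pageUrl = APP_ORIGIN + '/profile';
  return imgRequests(render(payload)).map((src) => {
    const req = browserGet(pageUrl, src);
    return {
      url: req.url,
      referer: req.headers.referer,
      refererCheck: refererCheck(req),
      tokenCheck: tokenCheck(req, session),
    };
  });
}

console.log('vulnerable page:', JSON.stringify(demo(renderProfileVulnerable)));
console.log('fixed page:', JSON.stringify(demo(renderProfileFixed)));
```

The forged request arrives with `Referer: https://app.example/profile`, so any check that trusts Referer or Origin accepts it; only a per-session token the injected markup cannot know rejects it. Output encoding at the injection point removes the trigger entirely, which is why the fixed rendering produces no requests at all.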

MS Edge – HTTP Access Control (CORS) Bypass

This is a short post about a vulnerability I found in Microsoft Edge. TL;DR: Edge failed to recognize HTTP authentication information (i.e. the Authorization header) as credential information when sending fetch requests. So, if an application uses Basic or NTLM auth, Edge would send the Authorization header in all…
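An added example, not code from the original post or from Microsoft, that models in plain JavaScript the Fetch-standard rule the excerpt says Edge got wrong: browser-stored HTTP authentication entries (Basic, NTLM) are credentials and may be attached only when the request's credentials mode permits it. The `attachAuthRegardless` switch reproduces the behaviour described in the excerpt (Authorization sent although the request is treated as carrying no credentials). The origins, the auth cache and the origin server are constructed, and the wildcard-ACAO consequence is this example's own illustration of the summarized bug, not a step taken from the post.

```javascript
// Added example for this page, not code from the original post. It models in
// plain JavaScript the Fetch-standard rule the post says Edge got wrong:
// browser-stored HTTP authentication entries (Basic, NTLM) are credentials, so
// they may be attached only when the request's credentials mode allows it.
// The "attachAuthRegardless" switch reproduces the behaviour the post
// describes (Authorization sent even when the request is treated as having no
// credentials). Origins, the auth cache and the server are all constructed;
// the wildcard-ACAO consequence shown is this example's illustration of the
// summarized bug, not a step quoted from the post.

// Browser-held HTTP auth entries, keyed by origin (constructed).
const authCache = new Map([['https://intranet.example', 'Basic dXNlcjpwYXNz']]);

// Fetch standard: a request "includes credentials" when its credentials mode is
// "include", or "same-origin" and the request is same-origin with the page.
function includesCredentials(pageOrigin, requestUrl, credentialsMode) {
  const sameOrigin = new URL(requestUrl).origin === pageOrigin;
  return credentialsMode === 'include' || (credentialsMode === 'same-origin' && sameOrigin);
}

// Build the outgoing request as the browser would. Stored Authorization must
// be gated on includesCredentials(); attachAuthRegardless skips that gate.
function buildRequest(pageOrigin, requestUrl, credentialsMode, attachAuthRegardless) {
  const target = new URL(requestUrl);
  const headers = {};
  if (target.origin !== pageOrigin) headers.origin = pageOrigin;
  const cred = includesCredentials(pageOrigin, requestUrl, credentialsMode);
  const stored = authCache.get(target.origin);
  if (stored && (cred || attachAuthRegardless)) headers.authorization = stored;
  return { url: requestUrl, credentialsMode, headers };
}

// Fetch standard "CORS check": Access-Control-Allow-Origin may be "*" only when
// the credentials mode is not "include"; otherwise it must equal the requesting
// origin, and with mode "include" Access-Control-Allow-Credentials must be "true".
function corsCheck(req, pageOrigin, responseHeaders) {
  const acao = responseHeaders['access-control-allow-origin'];
  if (acao === undefined) return false;
  if (req.credentialsMode !== 'include') return acao === '*' || acao === pageOrigin;
  return acao === pageOrigin && responseHeaders['access-control-allow-credentials'] === 'true';
}

// Constructed origin server: the body is private and only returned to a request
// that carries Authorization; the operator set a wildcard ACAO on the
// assumption that no cross-origin request could carry the user's credentials.
function intranetServer(req) {
  const headers = { 'access-control-allow-origin': '*' };
  return req.headers.authorization
    ? { status: 200, headers, body: '{"user":"alice"}' }
    : { status: 401, headers, body: '' };
}

// Scenario: a page on https://attacker.example fetches the intranet resource
// with fetch()'s default credentials mode ("same-origin"). Returns what the
// attacker's script ends up able to read.
function scenario(attachAuthRegardless) {
  const pageOrigin = 'https://attacker.example';
  const req = buildRequest(pageOrigin, 'https://intranet.example/api/me', 'same-origin', attachAuthRegardless);
  const resp = intranetServer(req);
  const readable = corsCheck(req, pageOrigin, resp.headers);
  return {
    authorizationSent: 'authorization' in req.headers,
    readable,
    exposedBody: readable ? resp.body : null,
  };
}

console.log('spec-compliant browser:', JSON.stringify(scenario(false)));
console.log('browser that attaches stored auth regardless:', JSON.stringify(scenario(true)));
```

In the compliant run the cross-origin request carries no Authorization, the server answers 401 and the wildcard-ACAO response that the script can read is empty. In the buggy run the browser still classifies the request as credential-less, so the same wildcard response passes the CORS check, but the server saw the user's Basic credentials and returned the private body. The server-side lesson holds independently of any browser bug: a response whose content depends on Authorization should not be served with `Access-Control-Allow-Origin: *`.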