XSPA : Cross Site Port Attack

An application is vulnerable to Cross Site Port Attacks if the application processes user supplied URLs and does not verify/sanitize the back end response received from remote servers before sending it back to the client. An attacker can send crafted queries to a vulnerable web application to proxy attacks to external Internet facing servers,...

Read more