Cache Deception

better-call is vulnerable to cache deception. The vulnerability is due to insufficient path sanitization during request processing, which allows an attacker to craft deceptive URLs that mimic static assets and bypass CDN cache exclusion rules...

世界之窗(The World)浏览器地址栏欺骗漏洞

No description provided by source. +++++++++++++++++++++++++++++++++++++++++ 新打开的链接，地址栏是http://www.baidu.com 内容却是被人恶意控制的 Baidu function win x=window.open'http://www.baidu.com'; x.location="about:Baidu要过冬了其实80sec说了也不算数了......document.title="Hacked By 80sec"";...