PortSwigger Web Security: Incomplete fix for CVE-2022-35406: meta-redirect content-type check bypassable via parameter injection

The fix for CVE-2022-35406 1541301 stops Burp from following a redirect when the response Content-Type/Content-Disposition would prevent HTML rendering. The check substring-matches html in the raw Content-Type instead of parsing the media type. A text/plain response can smuggle the token via a...

portswigger-labs

PortSwigger Web Security Academy — Lab Notes Notes from compl...

portswigger-sqli-labs

PortSwigger Web Security Academy — SQL Injection Labs All 18...

portswigger-xss-labs

PortSwigger Web Security Academy — XSS Labs All 30 Completed...

portswigger-labs

...

Web-Security-Notes

Web-Security-Notes Per...

Portswigger_SQLI_LABs_code_review

PortSwigger SQL Injection Labs — Local Docker Recreations Sel...

portswigger-sqlinjection-labs

🔐 SQL Injection Attack Lab – PortSwigger Web Security Academy...

xss-payloads

xss cheatsheet - xss Portswiggerhttps://portswigge...

PortSwigger-DirectroyTraversal

PortSwigger Lab: File Path Traversal Non-Recursive Strip Bypa...

October 2025 Burp Cross Site Scripting Cheatsheet

This is Portswigger's really useful cross site scripting cheatsheet. Last updated in October of 2025...

Portswigger-Lab-SQLI-4

PortSwigger Web Security Academy Lab Report: SQL Injection Att...

XSS-cheat-sheet-txt-dictionary-by-PortSwigger

XSS cheat sheet dictionary by PortSwigger PortSwigger diction...

portswigger-labs-writeups

portswigger-labs-writeups Complete writeups for P...

cl-cybersec-pysxss

XSS WAF Lab – Payload Generator This project studies how Web...

Blind-SQLi

Explotación de un SQLi a...

Gitbook

Personal Pentesting Knowledge Base 👋 Welcome! This reposit...

EUVD-2021-16051

Malware in sbrugna...

EUVD-2018-2450

Malware in sbrugna...

UP-RESULT PRO 1.0 SQL Injection

Titles: UP-RESULTpro-1.0 Multiple-SQLi Author: nu11secur1ty Date: 10/28/2024 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...