2 matches found
PortSwigger Web Security: Redirection in Repeater & Intruder Tab
This was a bug in Repeater/Intruder whereby a meta redirect would be followed when a user clicked the follow redirection button regardless of the content type or content disposition headers used on the target web site. This could disclose the referrer header. It was considered a low severity issu...
Grammarly: "More on Wikipedia" link disclose "Referrer" and leak `window.opener` reference for arbitrary websites
Summary: "Referrer" leak http:// link to Wikipedia transferring Referrer header allows a remote attacker with MITM access to sniff Referrer URL for important tokens after following "More on Wikipedia" link. Controllable page MITM with window.opener pointing to the navigation-initiated webpage...