2 matches found
New Relic: Host Header Injection
Reproduction 1- open reset link https://login.newrelic.com/passwords/forgot 2- Enter the victim's email address and click Reset and Email Password 3- Intercept the HTTP request in Burp Suite & add X-Forwarded Host Header and write attacker.com/.newrelic.com link will be like...
Gmail - Spoof email from any sender (Warning and Alert Bypass)
By using this bug you can send a email from any email address to any gmail user and no warning or yellow triangle or else is shown except your message and sender's email. Example: From: email protected To: email protected Subject: Blah blah.. Message : any message Now the victim sees that the...