Episode 11: CV$$, Web Cache Deception, and SSTI
Critical Thinking - Bug Bounty Podcast
00:00
How to Avoid Web Caching Deception
Caching is often used for assets, right? It's for like JavaScript, images, the types of stuff that you don't want to be reloading. And if they make a mistake and they're caching user data in some sense, whether that be a token or anything that's like specific, user specific,. That's definitely a huge risk for web cache deception and web cache poisoning where you can. But just make sure that you're not using like the standard URL because you're going to get some angry program emails, probably.
Transcript
Play full episode
