Security Misconfigurations
Directory Traversal/Path Traversal
Directory traversal allows attackers to access files and directories stored outside of the root folder. These vulnerabilities can be manipulated using the dot-dot-slash sequence to reference absolute file paths and access critical/sensitive information.
Cookie Manipulation Attacks
This is sometimes referred to as a stored DOM-based attack, cookie manipulation is possible when vulnerable apps store user input and then embed it in a response within part of the DOM.
Last updated