
fixing vulnerability

Open MrNom4ik opened this issue 1 year ago • 1 comment

The code has the ability to spoof an IP address associated with the X-Forwarded-For header. Example of exploit:

curl -H "X-Forwarded-For: 1.1.1.1" https://easyoffer.ru/Jljo0U9Erg7QDtkb133G7vzDexHVw6Iz

MrNom4ik, Nov 23 '23 16:11