Wednesday, May 20, 2009

HTTP Parameter Pollution

New type of attack on web applications: Parameter Pollution
At the recent OWASP conference, the Italian security experts Luca Carettoni and Stefano Di Paola demonstrated a new way of manipulating web applications and tricking security systems: HTTP Parameter Pollution (HPP). This form of attack essentially involves submitting the parameters in GET and POST requests in unusual form or order, or with unusual delimiters

More Ifo about this New attack

No comments: