V4 - Access Control
Token Leakage via Referer
POC
Observe that token is disclosed to one of the followings with Referer Header to any of the followings: - Trusted 3rd Party - Untrusted 3rd Party - Over HTTP
Impact
Low-Medium
Likelihood
Low
Cobalt Vulnerability Wiki
Ready to get started?
Join some of these great clients we’re proud to have helped