V4 - Access Control
Token Leakage via Referer
POC
Observe that the token is disclosed via the Referer header to any of the following:
- Trusted 3rd Party
- Untrusted 3rd Party
- Over HTTP
Impact
Low-Medium
Likelihood
Low
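An added example, not part of the original checklist: a Python check over captured requests that sorts Referer token disclosures into the three cases listed in the POC. The parameter names in TOKEN_PARAMS, the domains and the sample traffic are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed names of query parameters that carry tokens; adjust per application.
TOKEN_PARAMS = {"token", "access_token", "reset_token", "session"}


def _host_in(host, domains):
    """True if host equals, or is a subdomain of, any domain in domains."""
    return any(host == d or host.endswith("." + d) for d in domains)


def referer_token_leaks(requests, first_party, trusted):
    """Return (destination URL, leaked parameter names, categories) per leak."""
    findings = []
    for req in requests:
        referer = req.get("referer")
        if not referer:
            continue
        # Token-bearing parameters present in the Referer's query string.
        leaked = sorted(TOKEN_PARAMS & set(parse_qs(urlsplit(referer).query)))
        if not leaked:
            continue
        dest = urlsplit(req["url"])
        host = dest.hostname or ""
        categories = []
        if not _host_in(host, first_party):
            categories.append("trusted 3rd party" if _host_in(host, trusted)
                              else "untrusted 3rd party")
        if dest.scheme == "http":
            categories.append("over HTTP")
        if categories:
            findings.append((req["url"], leaked, categories))
    return findings


# Constructed sample traffic (not from the page): url is the outgoing request,
# referer is the Referer header that was attached to it.
PAGE = "https://app.example.test/reset?token=CONSTRUCTED-TOKEN&lang=en"
SAMPLE = [
    {"url": "https://cdn.partner.test/lib.js", "referer": PAGE},
    {"url": "https://ads.other.test/pixel.gif", "referer": PAGE},
    {"url": "http://app.example.test/logo.png", "referer": PAGE},
    {"url": "https://app.example.test/api/me", "referer": PAGE},
    {"url": "https://ads.other.test/pixel.gif",
     "referer": "https://app.example.test/home"},
]

if __name__ == "__main__":
    for finding in referer_token_leaks(SAMPLE, {"example.test"}, {"partner.test"}):
        print(finding)
```

Feed it the request URL and Referer header pairs exported from a proxy or browser capture of the page that carries the token.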