Source: https://portswigger.net/research/saml-roulette-the-hacker-always-wins
SAML roulette: the hacker always wins
Introduction

In this post, we’ll show precisely how to chain round-trip attacks and namespace confusion to achieve unauthenticated admin access on GitLab Enterprise by exploiting the ruby-saml library.