An attacker sends a request to an online university portal site with the information:
https://portal.a-univ.edu/?search=students&results=50&search=staff
Which type of vulnerability does the attacker try to exploit?
- redirect
- session hijacking
- default credential
- HTTP parameter pollution
|
Explanation & Hint: HTTP parameter pollution (HPP) vulnerabilities can be introduced if multiple HTTP parameters have the same name. This issue may cause an application to interpret values incorrectly. An attacker may use HPP vulnerabilities to bypass input validation, trigger application errors, or modify internal variable values. |