Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover
Recently, while auditing the main application of a private bug bounty program, I discovered a Client-Side Path Traversal (CSPT) and a Cache Deception vulnerability. Individually, these issues were ...