Client Side Path Traversal
- Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
A client side path traversal occurs when you can manipulate the path of a URL that is going to be sent to a user to visit in a legit way or that a user is somehow going to be forced to visit for example via JS or CSS.
In this writeup, it was possible to combine a client side path traversal via CSS (it was possible to change the path where a CSS resource was loaded from) with an open redirect to load the CSS resource from an attacker controlled domain.
- Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!