Filed In: InfoSec, Security Testing, Security
Written By: Ryan Borden
February 21, 2018
A few years back I was testing an application which had CSV export functionality and I noticed something weird. When I clicked the export button the application submitted a request with the CSV data in the POST body.