Cross Site Port Attack (XSPA)

#application-pentesting #security-testing #dynamic-analysis #input-validation #secure-coding #software-security

Focus Areas: 🔐 Application Security , ⚙️ DevSecOps , 🦠 Malware Analysis

Abstract

Recognized as Web Hacking Top 10 Techniques in the year 2012

From : https://ibreak.software/2012/11/cross-site-port-attacks-xspa-part-1/

Cross Site Port Attack (XSPA) is a vulnerability that allows attackers to fetch status of TCP ports (and grab service banners) over the Internet or internal systems by abusing a feature in web applications that makes HTTP requests using attacker supplied URLs.