writeups.xyz / HTTP Desync Attack (Request Smuggling) - Mass Account Takeover at a Cryptocurrency based asset and 121 other websites

Submitter : c2a

Date: 14 September 2022

Bounty : 4,300

Vulnerabilities :

• HTTP Request Smuggling
• Desync Attack

Programs :

• Undisclosed

Authors :

• Ankit Singh (@AnkitCuriosity)

Link :
https://github.com/AnkitCuriosity/Write-Ups/blob/main/HTTP%20Desync%20Attack%20(Request%20Smuggling).md