VIDEO: web application firewall bypass with a XSS attack

In the following demo video, Sandro Gauci of EnableSecurity shows how an attacker can switch off dotDefender in order to bypass any “protection” offered by the WAF. ¬†Such attack is possible By exploiting a cross-site scripting vulnerability in the log viewer facility of the dotDefender admin interface. ¬†Watch the video below for a more in […]

Read More →