HTTP parameter pollution

Description
  • This script is possibly vulnerable to HTTP Parameter Pollution attacks.<br/><br/> HPP attacks consist of injecting encoded query string delimiters into other existing parameters. If the web application does not properly sanitize the user input, a malicious user can compromise the logic of the application to perform either clientside or server-side attacks.
Remediation
  • The application should properly sanitize user input (URL encode) to protect against this vulnerability.
References