BugCrowd Bug Bounty Disclosure: P5 – Dangerous RTLO Injection – By nt3c
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct at the time of posting.
Program
Program Information
asana
Details
Additional Information
- Priority: P5
It was possible to perform RTLO Injection (Right To Left Override Injection). This technique takes advantage of \u202E, a non-printing Unicode character that causes the text that follows it to be displayed in reverse it is commonly used to disguise a string and/or file name and/or url to make it appear benign and to bypass security defences.
Submitted By
Submitter Information
- Hacker Points: N/A
- Hacker Accuracy: N/A
- Hacker Rank: N/A
N/A