In the attached blog post, Soroush (@irsdl) will show you a better way to exploit non-root-relative path overwrite issues in ASP.NET Web Form applications. This is a low risk vulnerability that can be used to inject a resource such as a stylesheet or even a dynamic JavaScript into an affected web page.

I had intended to publish this earlier but enjoy.

You must be logged in to post a comment.