Exploiting JSON Cross Site Request Forgery (CSRF) using Flash

Update 2: For the Case 1, there is possibility in some cases where server reject the request due to extra padding of data, but there is another and best way, using fetch or XHR request we can submit the json formatted data without any limitations, added poc code for the same. Thanks to Prakash for making me aware … Continue reading Exploiting JSON Cross Site Request Forgery (CSRF) using Flash