HTTP OPTION Method is Enabled on portswigger.net
Low
P
PortSwigger Web Security
Submitted None
Actions:
Reported by
wragg-s
Vulnerability Details
Technical details and impact analysis
Enabled OPTION method on web server allows unauthorized blind submission of privileged GET requests.
Report Details
Additional information and metadata
State
Closed
Substate
Not-Applicable
Submitted
Weakness
Violation of Secure Design Principles