|
|
|
|
|
|
by arkadiyt
868 days ago
|
|
|
It's a common bypass of server side request forgery filtering. Backends will try to validate that a user-submitted url doesn't resolve to an internal IPv4 address, but they'll happily allow an IPv6 mapped version for the same IPv4 address. |
|
|