|
|
|
|
|
|
by nofriend
45 days ago
|
|
|
>If a url parameter would've been a vulnerability because something lower down the stack misinterprets it By assumption, you are using this url parameter. So you have a bug where you've forgotten to allow this parameter, which will quickly be discovered in your logs and fixed. Then the vulnerability, which you are thus far unaware of, will quickly be exposed. Those url parameters you are not using cannot hurt you. |
|
|