MS Edge – HTTP Access Control (CORS) Bypass
This is a short post about a vulnerability that Prakash Sharma from our web app pentesting team, found in Microsoft Edge. TL;DR Edge failed to recognize HTTP Authentication information (i.e. Authorization Header) as credential information…