You can bypass XXE restrictions on some WAF for SSRF and file read by using a space before the protocol:
“ http://“
“ file://“
#bugbountytips
Subscribe for the latest news:
You can bypass XXE restrictions on some WAF for SSRF and file read by using a space before the protocol:
“ http://“
“ file://“
#bugbountytips