An interesting discovery has been made in a widely used framework that allows manipulation of the router to bypass specific filters/WAF or completely bypass the existing CSP. This vulnerability can have serious implications for web application security. Stay tuned for a detailed blog post on this discovery.
Check out the original tweet here: https://twitter.com/zhero___/status/1861555487642144980