Parameter pollution is a critical vulnerability in bug bounty hunting. Duplicate parameters can lead to bypassing security controls such as authentication and access control lists (ACLs), and to WAF evasion. The same bypass can also expose business logic flaws such as price manipulation. Blog post recommendation: highlight the importance of testing for parameter pollution in bug bounty programs and its impact on bypassing security controls.
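As an added example (not from the original tweet), the following Python check shows why duplicate parameters matter to a defender: a component that reads the first occurrence and one that reads the last see different values, so a strict handler rejects any repeated name. The function names and sample requests are constructed for illustration, and the first-wins/last-wins split between components is an assumption about the deployment.

```python
"""Added example: flag duplicate request parameters before any control reads them."""
from collections import Counter
from urllib.parse import parse_qsl


def pairs(raw: str) -> list[tuple[str, str]]:
    # keep_blank_values so "price=" still counts as an occurrence of "price"
    return parse_qsl(raw, keep_blank_values=True)


def duplicate_params(query: str, body: str = "") -> list[str]:
    """Names that occur more than once within or across query string and form body."""
    counts = Counter(name for name, _ in pairs(query) + pairs(body))
    return sorted(name for name, n in counts.items() if n > 1)


def first_wins(raw: str) -> dict[str, str]:
    out: dict[str, str] = {}
    for name, value in pairs(raw):
        out.setdefault(name, value)  # keep the first occurrence
    return out


def last_wins(raw: str) -> dict[str, str]:
    return dict(pairs(raw))  # later occurrences overwrite earlier ones


def disagreements(raw: str) -> dict[str, tuple[str, str]]:
    """Parameters that a first-wins and a last-wins component would read differently."""
    first, last = first_wins(raw), last_wins(raw)
    return {k: (first[k], last[k]) for k in first if first[k] != last[k]}


def accept(query: str, body: str = "") -> bool:
    """Strict policy: reject (for example with HTTP 400) any request with a repeated name."""
    return not duplicate_params(query, body)


# Constructed sample requests (hypothetical, not taken from the page).
SAMPLES = [
    ("item=42&price=100", ""),
    ("item=42&price=100&price=1", ""),
    ("user=alice", "user=bob&action=view"),
]

if __name__ == "__main__":
    for query, body in SAMPLES:
        print(repr(query), repr(body), duplicate_params(query, body), accept(query, body))
```

Running the same check in the component that enforces the control and in the one that acts on the value removes the disagreement the bypass depends on.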
For more insights, check out the original tweet here: https://twitter.com/kakpozvonitru/status/1898960945679864011