You can bypass XXE restrictions on some WAF for SSRF and file read by using a space before the protocol:
“ https://“
“ file://“
#bugbountytip #bugbounty
You can bypass XXE restrictions on some WAF for SSRF and file read by using a space before the protocol:
“ https://“
“ file://“
#bugbountytip #bugbounty