A Fun SSRF through a Headless Browser
I found a Server-Side Request Forgery in March 2022 (well, more than one luckily)! But let's talk about the coolest one. So you can learn. I don't like talking about bounty amounts. (It's ok if you do, we all get excited) Instead, I'll show you how I found it: The scope of this program was *.βββ.…