Web cache deception - gachikuku/portswigger GitHub Wiki

Solution

1. Log in as wiener:peter.
2. Observe requests made and look at the /my-account endpoint adding a random resource such as meow.css
3. When visiting /my-account/meow.css. We get a x-cache miss with a max age of 30 (seconds).
4. With caching confirmed an exploit can be delivered to a victim.

   <script>document.location="https://uuid.web-security-academy.net/my-account/meow.css"</script>

5. Log out from wiener:peter and visit the URL that was used in the payload.