A groundbreaking study from Tsinghua University and Zhongguancun Laboratory has uncovered critical vulnerabilities in modern web infrastructure, revealing that HTTP/2 server push and Signed HTTP Exchange (SXG) features can be exploited to bypass the Same-Origin Policy (SOP)—a cornerstone of web security. The SOP is designed to prevent malicious scripts on one website from accessing sensitive […]

The post Hackers Exploit HTTP/2 Flaw to Launch Arbitrary Cross-Site Scripting Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

Source: gbHackers
Source Link: https://gbhackers.com/hackers-exploit-http-2-flaw/