← Cybersecurity Alphabet Soup

HPP

HTTP Parameter Pollution

attackshard

HTTP Parameter Pollution supplies multiple parameters with the same name in a web request, exploiting the fact that different servers and frameworks handle duplicates differently. Attackers use these inconsistencies to bypass input validation, alter application logic, or smuggle values past security filters. It highlights why every layer of a web stack must agree on how requests are parsed.

Sources

More in attacks