XSPA / SSRF Vulnerability with the Adobe Omniture Web Application April 23, 2013 in bugbounty, research, appsec, cross site port attacks A quick video post showing the XSPA/SSRF bug found with Adobe’s Omniture web application. This bug allowed for local file reads apart from being able to make arbitrary network requests. Continue reading