JSON array payload POC for CVE-2022-24999

Çağlar Arlı

I'm currently exploring whether one legacy project is vulnerable to CVE-2022-24999.

I found a very helpful GitHub repo with POCs.

However, in my case, I need to check if a payload passed in a JSON body to a POST request would get through. The repo contains an example of a vulnerable POST route, but I cannot find a suitable payload. The repo only contains query string examples like categories[__proto__]&categories[__proto__]&categories[length]=100000000

How would that look as a JSON request body?