Beyond the Scanner: Analyzing Infrastructure & Logic Vulnerabilities in SaaS APIs

Executive summary During a security assessment of an enterprise-grade package library, I identified a multi-stage attack chain composed of three logic and infrastructure flaws: HTTP Parameter Pollutio