Cloudflare Image Proxy as a CSPT Gadget: A Cross-Origin CSPT Exploit

The CSPT (Client-Side Path Traversal) vulnerability has recently attracted considerable attention from bug bounty hunters and security researchers because of its flexibility and the variety of real-world impacts it can enable. CSPT arises when user-c...