Pentest Reference: HTTP Header Attacks Published Feb 19, 2022 Contents References References Portswigger: HTTP Header Attacks Chaining password reset link poisoning, IDOR, and information leakage to achieve account takeover at api.redacted.com Fun with Header and Forget Password