Online Web Cache Poisoning Vulnerability Scanner
The vulnerability allows attackers to inject malicious data into the cache of a vulnerable server, which could then be served to other users.
Short Info
Level
Low
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
3 days
Scan only one
Domain, IPv4
Toolbox
-
The web is an amazing resource for the average person. But, there are still some risks to be aware of. One of those risks is cache poisoning - a technique that allows attackers to inject malicious data into caches on vulnerable servers and disrupt websites with cached content. This could potentially allow attackers to inject javascript or other harmful code into your browser cache without you realizing it.
Cache poisoning is a more sophisticated approach of poisoning a website's cache that involves exploiting the actions of a web server and cache to serve the victim with an undesirable HTTP response.
Web cache poisoning is defined as two distinct phases. The first step is for the hacker to figure out how to induce a response from the back-end server that contains some sort of harmful payload. They must ensure that their response is cached and served to the intended victims once they have succeeded.
A poisoned web cache may be used to launch a number of different attacks, including cross-site scripting (XSS), JavaScript injection, open redirection, and so on.