Null Byte Injection
Unanswered
DavidF9265 posted this in #help-forum
Hey people, has anyone faced before PCI compliance issues with next/image package?
im reviewing a report pointing out that next/image is unable to handle null byte injection attacks, but i feel this as a false positive, as next/image succesfully rejects any string rather than numbers from 1 to 100
im reviewing a report pointing out that next/image is unable to handle null byte injection attacks, but i feel this as a false positive, as next/image succesfully rejects any string rather than numbers from 1 to 100