{"uuid": "ac2ae5c9-1404-4ace-b937-c5c2634127d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1388", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/795", "content": "#BugBountyTips of the Day\nA simple and an easy finding on @Hacker0x01   While fuzzing, server-status endpoint was forbidden (403)  Just added this header in request :   X-Forwarded-For: 127.0.0.1 and I was able to bypass the forbidden (403) url or page.  @ADITYASHENDE17  #bugbounty #togetherwehitharder  https://t.co/Ut6PGmFTky\n---\nNew web #pentesting video is live on the methodology of testing File Upload dialogues which can lead to stored HTML injection, XSS, XXE, SSRF, and RCE.  The goal is to bypass or trick the content \"restrictions\".   #bugbountytips #infosec #bugbounty   https://t.co/vSZ1Beg4JV\n---\nAlways wanted this \"Hacking Hackers\" badge. Finally got it !!  @Hacker0x01   Now Next goal is to participate in Live Hacking Events, hopefully I get a chance this year :)  #TogetherWeHitHarder #bugbounty #cybersecurity  https://t.co/aaY5IdLyhW\n---\nYay, I was awarded $200 bounty on @Hacker0x01   @ADITYASHENDE17  #bugbounty #togetherwehitharder  https://t.co/l9zE6zwKr2\n---\nCVE-2022-1388: F5 BIG-IP \ud83d\udd25   #infosec #bugbounty  https://t.co/UbXXvL9j9L", "creation_timestamp": "2022-06-10T13:37:04.000000Z"}