Dark C0d3rs

Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2026-02-11
Full Version: HackerOne Disclosed Reports - 2026-02-11
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

hashXploiter

02-12-2026, 12:30 PM
Logo
Medium
resolved

Cache Pollution via Unkeyed GET Parameters on www.omise.co


Bug reported by Ali Toni was disclosed at February 11, 2026, 11:25 pm   |  

The CDN serving the website appeared to cache pages based on the full URL, including arbitrary query parameters, without normalizing or properly keying them. This behavior resulted in cache pollution, where the cache was filled with redundant versions of the same page.


Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2026-02-11