Site icon API Security Blog

GO-2021-0321

An attacker capable of spoofing DNS TXT records can redirect a
WebSocket connection request to a server under their control without
causing TLS certificate verification to fail. This occurs because
the wrong host name is selected during this verification.Read More

Exit mobile version