Citrix Netscaler Web Application Firewall Bypass Vulnerability
I was able to bypass Netscaler WAF using a method which may be called HTTP Header Pollution. The setup that I used was like below. An Apache web server with default configuration on Windows (XAMPP). A SOAP web service which has written in PHP and vulnerable to SQL injection. Netscaler WAF with SQL i...