
Cross-Site Websocket Hijacking (2013) - twunde
https://www.christian-schneider.net/CrossSiteWebSocketHijacking.html
======
twunde
I'll note that OWASP ZAP scans don't appear to be picking up on this
vulnerability :(

