I wanted to point out a blog post by the company Detectify (same people that found a vuln in the SNI validation a while ago, but a different issue): https://labs.detectify.com/2018/09/04/xss-using-quirky-implementations-of-acme-http-01/ They found that some implementations of ACME enable cross sit…

XSS via ACME implementations

felixf September 15, 2018, 1:18pm 2

You might also be interested in this discussion: Is .well-known/acme-challenge/ an XSS risk

1 Like