CSPT

Client Side Path Traversal

https://app.example.com/delete-session?session=../profile

The resulting DELETE request would target /api/users/profile instead of /api/users/sessions/${sessionId}.

Path Traversal Vulnerabilities In Client SideDeepStrike

CSPT2CSRF

Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery - Introducing CSPT2CSRF · Doyensec's Blog

Burp Extension

Client-Site Path Traversal Exploitation

GitHub - doyensec/CSPTBurpExtension: CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.GitHub