An HTTP parameter pollution (HPP) attacks occurs when an HTTP parameter is repeated multiple times in the same request and the server processes in a different way each instance, causing an unexpected behavior in the application.

In this recipe, we will demonstrate how HPP can be exploited and will explain how it can be used to bypass certain security controls.