HTTP Parameter Pollution is one of those vulnerabilities that were around for a very long time, but has been identified only in the recent past. HTTP Parameter Pollution was first presented by Stefano di Paola and Luca Carettoni in 2009 at the OWASP Poland conference. HPP is short for HTTP Parameter Pollution.

HTTP Parameter Pollution, as the name itself implies, pollutes the HTTP Parameters to perform unintended actions from a normal user’s perspective in a web application. Here we have noticed two independent words from HPP i.e. HTTP Parameters and Pollution.