Sometime ago in the past, while fuzzing Zendesk randomly, I came across a very odd kind of sanitization technique in a JSON endpoint and even though this was a black-box approach, I would assume this was what was happening in their back-end server, can you spot the bug? $sanitized =…