Detecting and exploiting path-relative stylesheet import (PRSSI) vulnerabilities Published: 17 February 2015 at 15:48 UTC Updated: 10 February 2021 at 14:29 UTC Early last year Gareth Heyes unveiled a fascinating new technique for attacking web applications by exploiting path-relative stylesheet imports, and dubbed it ‘Relative Path Overwrite’. This attack tricks browsers into importing HTML pages