diff --git a/pentesting-web/cross-site-websocket-hijacking-cswsh.md b/pentesting-web/cross-site-websocket-hijacking-cswsh.md
index 32e071462..326a2326f 100644
--- a/pentesting-web/cross-site-websocket-hijacking-cswsh.md
+++ b/pentesting-web/cross-site-websocket-hijacking-cswsh.md
@@ -157,6 +157,14 @@ sudo python3 -m http.server 80
 
 As Web Sockets are a mechanism to **send data to server side and client side**, depending on how the server and client handles the information, **Web Sockets can be used to exploit several other vulnerabilities like XSS, SQLi or any other common web vuln using input of s user from a websocket.**
 
+## **WebSocket Smuggling**
+
+This vulnerability could allow you to **bypass reverse proxies restrictions** by making them believe that a **websocket communication was stablished** (even if it isn't true). This could allow an attacker to **access hidden endpoints**. For more information check the following page:
+
+{% content-ref url="h2c-smuggling.md" %}
+[h2c-smuggling.md](h2c-smuggling.md)
+{% endcontent-ref %}
+
 ## References
 
 {% embed url="https://portswigger.net/web-security/websockets#intercepting-and-modifying-websocket-messages" %}