Vulnerability
Handling Log4Shell vulnerability
Summarizing the current state of advice regarding the Log4j vulnerability.
Summarizing the current state of advice regarding the Log4j vulnerability.
Details about the vulnerability class Untrusted Deserialization.
Writeup of my Same-Origin Policy Bypass in Chrome with SVG (CVE-2014-3160).
Generic Detection of XML External Entity (XXE) Vulnerabilities.
Details about the vulnerability class I identified in the HTML5 WebSocket specification (RFC 6455).