-
Hi there
Security scans revealed that a version of jQuery from 2011 (1.6.1) [is being used](https://github.com/dstndstn/astrometry.net/blob/47849f0443b890c4a875360f881d2e60d1cba630/net/static/js/jq…
-
## CVE-2024-22195 - Medium Severity Vulnerability
Vulnerable Library - Jinja2-2.11.3-py2.py3-none-any.whl
A very fast and expressive template engine.
Library home page: https://files.pythonhosted.or…
-
## CVE-2018-14040 - Low Severity Vulnerability
Vulnerable Library - bootstrap-3.3.7.min.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library h…
-
``` js
t('{hasOwnProperty(alert("xss"))}');
```
demonstrates the translation string as a potential XSS vector. It's not hinted anywhere in the API docs that one should stick external vars in the tran…
-
How can we add XSS (Cross Site Scripting) prevention to this library?
-
## CVE-2022-25869 - Medium Severity Vulnerability
Vulnerable Library - angular-1.8.3.tgz
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.8.3.tgz
Path to …
-
- [ ] Come up with 5 most important tests to have in system by Tue EOD
- [ ] Reasoning why you are picking these 5 by Tue EOD
- [ ] Implementation of these 5 actions by Wed EOD
-
Hello lei,
👍 Nice work! In order to learn web security, we have to learn the basics of web development. Because web development isn't the goal of this course, everyone will receive the same UI sco…
-
Need to develop a test suite, as part of current functional tests, to emulate WAF bypassing requests and Web attacks.
### Analyzer + backend
One of the ways, probably the simplest and featureful …
-
## Observations
We have noticed a number of parsing differences between the Masterminds/html5-php parser and the HTML5 specification. We think that the root cause of those issues drills down to the […