-
Vulnerable Library - htmlsanitizer.5.0.355.nupkg
Cleans HTML from constructs that can be used for cross site scripting (XSS)
Library home page: https://api.nuget.org/packages/htmlsanitizer.5.0.355.n…
-
**FINDING ID:** iSEC-COMMO13-4
**TARGETS:** The lack of an HTTPOnly flag on the sysauth administrative session cookie.
**DESCRIPTION:** Cookies set by the administrative application are not protecte…
-
Need to develop a test suite, as part of current functional tests, to emulate WAF bypassing requests and Web attacks.
### Analyzer + backend
One of the ways, probably the simplest and most featureful …
-
## CVE-2017-14735 - Medium Severity Vulnerability
Vulnerable Library - antisamy-1.5.3.jar
The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML
…
-
## CVE-2016-10006 - Medium Severity Vulnerability
Vulnerable Library - antisamy-1.5.3.jar
The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML
…
-
Hello Julian,
👍 Nice work! In order to learn web security, we have to learn the basics of web development. Because web development isn't the goal of this course, everyone will receive the same U…
-
Vulnerable Library - jsoup-1.14.3.jar
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the be…
-
How can we add XSS (Cross Site Scripting) prevention to this library?
-
# Summary
SeaCms V12.9 contains multiple stored XSS vulnerabilities originating from insufficient filtering of several configuration variables in data.php related to `$yzm`. These vulnerabilities can…
-
- [ ] Come up with 5 most important tests to have in system by Tue EOD
- [ ] Reasoning why you are picking these 5 by Tue EOD
- [ ] Implementation of these 5 actions by Wed EOD