-
In this opportunity [the hacker](https://etherscan.io/txs?a=0x2a2c200af4e659348c4182dd9806a340851df42e&p=1) drained native assets from the protocol without deploying any contract.
Considering the h…
-
I'm trying to look at OCM through GNAP glasses, and notice the following:
# short-lived and client-bound access tokens
In the current design, the access token is not short-lived and not client-bou…
-
Raw: https://raw.githubusercontent.com/thedoggybrad/supersecurityfilterlist/main/list.txt
GitHub: https://github.com/thedoggybrad/supersecurityfilterlist
-
**Is your feature request related to a problem? Please describe.**
When replacing a URL with regex, there are some cases where you need to transform them. For example: example.com/HeY ➔ example.com/he…
-
## Story
As a wallet user who wants to avoid being phished by 3rd party web applications, I want to be reminded before I am redirected to an external link, so I can double check the link before I c…
-
**A security issue that codeql cannot detect**
A file upload cannot be detected by codeql using the transferTo function
```java
public static File uploadFile(MultipartFile fileUploader) {
…
```
-
I tried `.allowTextIn("style")` but it treats it as CDATA? instead of PCDATA? That results in `` not being sanitized at all. Any idea on how to achieve this?
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Feature Description
- Phishing website detection using deep learning leverages advanced neural network models …
-
If a user clicks a link from their mail client, and the URL has been protected by Safelinks (a Microsoft/Outlook feature), the initial domain name within the Safelinks part of the URL triggers the Bro…
-
**Is your feature request related to a problem? Please describe.**
Currently, for Auth you only allow an OTP code (6-digit number) to be sent by SMS. However, there is no way to send this code to a u…