-
## What happened?
Attacker code is injected on to the `docs.flutter.dev` dart-pad embed.
## Steps to reproduce problem
```js
const w = open('https://docs.flutter.dev/cookbook/effects/staggered…
-
# Bug report / security issue
- [x] I confirm this is a bug with Supabase, not with my own application.
- [x] I confirm I have searched the [Docs](https://docs.supabase.com), GitHub [Discussions]…
-
[Cosmo debug flags](https://github.com/jart/cosmopolitan?tab=readme-ov-file#debugging) could be useful for debugging, however they are extracted from the command-line too widely: they are accepted any…
-
### Version
At least 16 and 17
### Please provide a link to a minimal reproduction of the bug
_No response_
### Please provide the exception or error you saw
```true
The `isCallbackFromSts` only …
-
This is just a quick thought I had, and might not work at all. Instead of adding stream hijacker callbacks (both for unidirectional and bidirectional) streams, we could introduce an `Server.ServeStrea…
-
Rod Version:v0.116.1
## What you got
Hello, how can I set up a proxy for this request after hijacking the domain name?
-
Hi chcg,
I saw you're maintaining a lot of NPP plugin repositories and contribute little fixes.
There is https://github.com/crypto-rsa/XmlNavigator, which is abandoned. I quite love it and prefer …
dodmi updated
2 months ago
-
Hey there,
I want to report a task hijacking vulnerability I found on 2fas Android latest app version. Here is the explanation and the associated PoC I made to confirm the vulnerability.
Activi…
-
Hello,
I've compiled the code for storsvc with only 1 change, which is windows 10 to windows 11 in storsvc_c.c. And when I ran the RpcClient.exe binary on a Windows 11 system, I encountered an erro…
kayji updated
1 month ago
-
1. I search for "zxcvbn" packages https://asset-packagist.org/package/search?query=zxcvbn
2. I see that "npm-asset/zxcvbn-ts--core" exists, with a latest release at 3.0.2
3. I click on the package n…