by Bill Sempf
4. November 2018 10:04
A new-to-me file upload vulnerability scanner got an update recently - worth a look.
https://github.com/almandin/fuxploider
Not a very USEFUL vulnerability, but someone figured out how to bypass Chrome's security model for cookies.
https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
Telerik (a developer tools company) has a good post on XSS and Content Security Policy.
https://www.telerik.com/blogs/on-cross-site-scripting-and-content-security-policy
And that's the news!
c4a3c10a-3fc0-460a-8479-cfbe5ae262a6|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04
Tags: