When looking into the API internals of JetBrains' YouTrack, the author discovered an undocumented endpoint for getting issue descriptions without any styling or markdown. This endpoint was not protected with role validation or any user authentication at all, likely because it's only meant to be used internally...
Plenty of background here, both in terms of software, architecture, and testing environment. Probably worth checking out if you want to get into car hacking...
The vulnerability here is in libterm.js as used by AWS CloudShell. When handling the escape to get the Termcap/Terminfo string (+q) it’ll reflect the parameter right back into the response...
This is another one of those "IDE/tooling doing more than you expect" issues. In Rust you have `#[proc_macro]`s which are functions that are executed at compile time...
The vulnerability itself is in ExifTool: in parsing DjVu archive metadata it will parse the token, do some validation on it to make sure it's safe, and call `eval` on it to parse the C-style string escapes within the string. The problem is the validation trips up on handling an escaped newline, ignoring the newline character and thinking the next character is the escaped one...
This is a surprisingly simple reflected XSS on instagram.com. Just a `next=` URL parameter that is reflected into an href; you can include a `javascript:` target for the URL...
12 CVEs, a few fundamental design issues, and some implementation issues. The implementation issues generally just removed some restrictions on abusing the design flaws making them more practical...
Crypto-attacks are not my strong point, so I might be missing some nuance to this one. The first important concept is flash loans...
D-Link attempted to provide some protection against brute-force by delaying the response for three seconds on a bad login. The problem was that the delay only happened on a bad login, so there was a clear timing difference between a good and bad login attempt...
Kind of a neat attack to track users across browsers. Potentially fairly loud for most users though...