In computer security, a vulnerability is a weakness which can be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system.
I’m writing this almost 1 year after reporting them about their weird implementation. So, Responsible disclosure … CHECK And also because one of my friends noticed it recently and insisted me on writing this article. So, how I got the idea in the first place? ……
So let’s revert back some months … I just came to know about a fellowship program by IIT Bombay, named FOSSEE. It’s just 26 hours before hitting the deadline, let’s get into it! After seeing and reading the documentation, mainly, it included two steps : It seemed to be a…
Finding OS Command Injection vulnerability which allows arbitrary shell command execution through a crafted command-line argument on Jison in parser ports began when I started receiving lots of invites over Hackerone. An injection vulnerability manifests when application code sends untrusted user input to an interpreter as…