Threat Hunter JohnWeb shell upload via Content-Type restriction bypassAnalysis:Jul 13, 2023Jul 13, 2023
Threat Hunter JohnDOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedAnalysis:Jul 9, 2023Jul 9, 2023
Threat Hunter JohnDOM XSS in document.write sink using source location.search inside a select elementAnalysis:Jul 9, 2023Jul 9, 2023
Threat Hunter JohnLab: Blind OS command injection with output redirectionAnalysis:Jul 5, 2023Jul 5, 2023