Affinez votre recherche
Affichage 1 - 12 sur 259 ressources
Remote Code Execution with Spring Boot 3.4.0 Properties
this article introduces two methods for leveraging Logback configuration to achieve Remote Code Execution (RCE) in Spring Boot applications. These techniques are effective on the latest version of Spring Boot, with the second approach requiring no additional dependencies.
Hijacking OAUTH flows via Cookie Tossing
Learn about Cookie Tossing attacks, a rarely explored technique to hijack OAuth flows and enable account takeovers at Identity Providers (IdPs). Discover its implications, real-world examples, and how to safeguard applications using the Host cookie prefix.
How to respond to a newly discovered vulnerability
Learn how to effectively respond to newly discovered vulnerabilities with a structured approach using the Vulnerability Management Cycle. Discover the importance of tools like Snyk for centralizing, analyzing, and remediating vulnerabilities across your software development lifecycle.