From Security Weekly Wiki
Jump to navigationJump to search
no edit summary
#[ Serious Vulnerability in GitHub Enterprise Earns Researcher $20,000 | SecurityWeek.Com]
#[ Security Testing Company NSS Labs Ceases Operations | SecurityWeek.Com]
#[ Apache Struts 2 Remote Code Execution - Exploitalert]- Was this post showing an example of a live target!
#[ Hackers are targeting CVE-2020-3118 flaw in Cisco devices]
#[ Multiple Vulnerabilities In Discord Desktop App Could Allow RCE Attacks] - ''If the contextIsolation is disabled, a web page’s JavaScript can affect the execution of the Electron’s internal JavaScript code on the renderer, and preload scripts… This behavior is dangerous because Electron allows the JavaScript code outside web pages to use the Node.js features regardless the nodeIntegration option and by interfering with them from the function overridden in the web page, it could be possible to achieve RCE even if the nodeIntegration is set to false.''


Navigation menu