- SSRF in Exchange leads to ROOT access in all instances https://hackerone.com/reports/341876 4 comments netsec
Linking pages
- Towards secure by default Google Cloud: Default service accounts | by Jan Masarik | code.kiwi.com https://code.kiwi.com/towards-secure-by-default-google-cloud-platform-service-accounts-244ad9fc772 0 comments
- XXE at Bol.com. A write-up about a XXE bug that allowed… | by Jonathan Bouman | Medium https://medium.com/@jonathanbouman/hackernews-xxe-at-bol-com-7d331186de54 0 comments
- Capturing all the flags in BSidesSF CTF by pwning our infrastructure | by Bryan Eastes | HackerNoon.com | Medium https://medium.com/@CornflakeSavage/capturing-all-the-flags-in-bsidessf-ctf-by-pwning-our-infrastructure-3570b99b4dd0 0 comments
- Blind SQL Injection at fasteditor.hema.com | by Jonathan Bouman | Medium https://medium.com/@jonathanbouman/blind-sql-injection-at-fasteditor-hema-com-6ac140c0d1a3 0 comments