NorthSec CTF:
https://twitter.com/northsec_io?lang=en
Cross-Site Scripting (XSS) in Cockpit Next:
https://securitylab.github.com/advisories/GHSL-2021-1035_Cockpit_Next/
HTML sanitizer bypass leading to XSS in esdoc-publish-html-plugin:
https://securitylab.github.com/advisories/GHSL-2021-1034_esdoc-publish-html-plugin/
Copy-paste XSS in vditor text editor:
https://securitylab.github.com/advisories/GHSL-2021-1006-vditor/
Copy-paste XSS in textAngular text editor:
https://securitylab.github.com/advisories/GHSL-2021-1001-textAngular/
Partial path traversal in Apache Felix Atomos:
https://securitylab.github.com/advisories/GHSL-2022-007_Apache_Felix_Atomos/
Partial path traversal in Apache Karaf:
https://securitylab.github.com/advisories/GHSL-2022-005_006_Apache_Karaf/
Partial path traversal in Apache Pinot:
https://securitylab.github.com/advisories/GHSL-2022-004_Apache_Pinot/
Partial path traversal in Apache James Server:
https://securitylab.github.com/advisories/GHSL-2022-002_GHSL-2022-003_Apache_James_Server/
Presented by:
Joseph Katsioloudes (@jkcso)
Connect with us:
Twitter: @GHSecurityLab
Web: securitylab.github.com
About GitHub Security Lab:
“Securing the world's software, together” - GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.