H1漏洞报告 Sifchain #1188643 Vulnerable javascript dependency at Main domain GitHub Security Lab #1287573 Java: Unsafe deserialization with Jackson #1287574 [Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') #1287575 [Python] CWE-287: LDAP Improper Authentication #1287576 [Python]: Add SqlAlchemy support for SQL injection query 挖洞技巧 Bug Bounty Stories #1: Tale of CSP bypass in an electron app! | by SecurityGOAT | Jul, 2021 | Medium how to be popular · discrete blogarithm PostMessage Xss vulnerability on private program | by Youghourta Ghannei | Aug, 2021 | Medium

bugbounty技巧聚合20210803

Sifchain

GitHub Security Lab

#1287573 Java: Unsafe deserialization with Jackson
#1287574 [Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
#1287575 [Python] CWE-287: LDAP Improper Authentication
#1287576 [Python]: Add SqlAlchemy support for SQL injection query