Mattermost
#1216203 Mattermost Server OAuth Flow Cross-Site Scripting
Kubernetes
#1167773 Loading YAML in Java client can lead to command execution
Nextcloud
#1194606 Virtual Data Room / Hide download on collabora is easy to bypass
#1202590 Webauthn tokens are not removed on user deletion
Acronis
#1071832 Local privilege escalation via insecure MSI file
信息收集思维导图
关于信息收集的一些记录
一个工业和信息化部ICP备案查询的爬虫
识别 JS 文件中敏感数据
