CVE-2022-0853 A flaw was found in JBoss-client
The discovered issue allows a remote attacker to execute arbitrary code on the target system in the context of the current user. This can be exploited
CVE-2022-26336 - How a Simple Bug in Apache POI Can Crash Your Application with Out of Memory
In March 2022, a vulnerability was discovered in the Apache POI library, specifically in the poi-scratchpad module. This vulnerability—CVE-2022-26336—might not sound scary at
CVE-2022-23640 - XML Entity Expansion Vulnerability in Excel-Streaming-Reader & How to Stay Safe
If you’re working with spreadsheets in Java, you might know about Excel-Streaming-Reader. It’s a handy library that lets you read really large Excel
CVE-2022-24442 - How JetBrains YouTrack's FreeMarker Templates Opened the Door to Server-Side Template Injection (SSTI)
In early 2022, a critical vulnerability (CVE-2022-24442) was discovered in JetBrains YouTrack — a popular issue tracker used by software teams globally. The bug involved Server-Side
CVE-2022-24948 - Exploiting Apache JSPWiki XSS via User Preferences - A Deep Dive
---
Introduction
In the world of web security, Cross-Site Scripting (XSS) remains one of the oldest and most dangerous web application vulnerabilities. In this post,