A few vulnerabilities in DotCMS
Here I explain a few bugs I found and go into my methodology.
Great, another OSWE blog
My thoughts on the OSWE exam
Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP
Methdology for XSSI & JSONP vulnerabilities.
Broken API Authorization
A good ol’ API authorization bug.