Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2334OVE-20210809-0001 Visual Studio Code .ipynb Jupyter Notebook XSS (Arbitrary File Read) XSS Arbitrary file read Microsoft Justin Steven (@justinsteven) Bug Bounty2021-08-112023-06-13
2237GitHub Actions check-spelling community workflow - GITHUB_TOKEN leakage via advice.txt symlink Logic flaw Information disclosure GitHub Justin Steven (@justinsteven) Bug Bounty2021-09-082023-06-13
1724Git honours embedded bare repos, and exploitation via core.fsmonitor in a directory%27s .git/config affects IDEs, shell prompts and Git pillagers RCE GitHub Microsoft JetBrains Justin Steven (@justinsteven) Bug Bounty2022-03-162023-06-13
1460Amazon Linux "log4j hotpatch" <1.3-5 local privilege escalation to root (race condition) Local Privilege Escalation Amazon Justin Steven (@justinsteven) Bug Bounty2022-06-152023-06-13
498postMessage DOM XSS vulnerability in Gartner Peer Insights widget postMessage DOM XSS Gartner Gradle LogRhythm SentinelOne Synopsys Veeam Vodafone Black Kite ReversingLabs Tata Communications Justin Steven (@justinsteven) Bug Bounty2023-02-042023-06-13