YNizry

Yaniv Nizry

Blogs
Advisories
Tags
Archives
About
Search

search

2024

12-08 DOMPurify 3.2.1 Bypass (Non-Default Config)
11-04 Sanitize Client-Side: Why Server-Side HTML Sanitization is Doomed to Fail
09-02 Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
05-26 mXSS: The Vulnerability Hiding in Your Code
04-28 Arbitrary File Write in Resume-Matcher
03-31 Apache Dubbo Consumer Risks: The Road Not Taken
03-10 Reply to calc: The Attack Chain to Compromise Mailspring
01-31 Authenticated Arbitrary File Read in Mealie
01-23 Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins

2023

12-20 SSRF in Gradio
11-28 PHP HTML parser differential due to libxml2 lack of HTML5 support
11-13 Typo3 HTML Sanitizer By-passing via the processing instructions
11-13 Masterminds/html5-php parser differential
11-04 Apache httpd Stored XSS by design
10-03 HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content
08-28 Playing Dominos with Moodle's Security (2/2)
08-21 Playing Dominos with Moodle's Security (1/2)
07-25 Typo3 HTML Sanitizer By-passing via the noscript tag
07-11 Vendure Cross Site Request Forgery vulnerability impacting all API requests
07-03 @vendure/admin-ui-plugin authenticated XSS
05-15 Pimcore: One click, two security vulnerabilities

2022

06-26 Spring Function Cloud DoS (CVE-2022-22979) and Unintended Function Invocation

2021

12-29 Deserialization attack via JDBC Appender in log4j
12-27 CVE-2021-44832: Apache Log4j 2.17.0 Arbitrary Code Execution via JDBCAppender DataSource Element
06-27 Prototype pollution in extend2
06-27 Prototype pollution in cloneextend
06-16 Unintended function invocation in Spring Cloud Function
06-16 DoS in Spring Cloud Function
06-13 CVE-2021-33420: NPM Replicator Remote Code Execution Deserialization
05-16 Deserialization RCE attack in replicator
04-25 Remote code execution vulnerability in reqwest
04-25 Command injection vulnerability in curl-ganteng
02-17 Hostname spoofing in url-parse
02-12 Hostname spoofing in urijs
02-09 Denial of Service in get-ip-range package
01-31 Mutation XSS in Mozilla-bleach using comments
01-13 CSRF in Elementor-Contact-Form-DB wordpress plugin

2020

12-22 RCE via site-offline wordpress plugin
12-16 Open redirect in Jupyter server
12-07 CSRF in ultimate-category-excluder wordpress plugin
11-26 Mutation Cross-Site Scripting in lxml
11-17 Reintroduced ReDoS in debug
08-19 Stored XSS via folder name in Codiad
08-19 Codiad SSRF when installing a plugin
08-19 Codiad CSRF in the plugin request
07-07 Mutation Cross-Site Scripting (mXSS) Vulnerabilities Discovered in Mozilla-Bleach
03-16 Mutation XSS in Mozilla-bleach via svg or math
02-24 Mutation XSS in Mozilla-bleach via noscript