top | item 44368868 (no title) ikmckenz | 8 months ago Related: https://arstechnica.com/gadgets/2025/05/open-source-project-... discuss order hn newest moyix|8 months ago The main difference is that all of the vulnerabilities reported here are real, many quite critical (XXE, RCE, SQLi, etc.). To be fair there were definitely a lot of XSS, but the main reason for that is that it's a really common vulnerability. ikmckenz|8 months ago All of them are real? You have a 100% rate of reports closed as valid?
moyix|8 months ago The main difference is that all of the vulnerabilities reported here are real, many quite critical (XXE, RCE, SQLi, etc.). To be fair there were definitely a lot of XSS, but the main reason for that is that it's a really common vulnerability. ikmckenz|8 months ago All of them are real? You have a 100% rate of reports closed as valid?
moyix|8 months ago
ikmckenz|8 months ago