Last week, an advisory (SA-CORE-2019-008) addressing a Drupal access bypass vulnerability was made public. MITRE assigned CVE-2019-6342 to this critical vulnerability. This is post to document the steps I took to create a PoC for SA-CORE-2019-008. Last such post on this blog was about Apache JMeter RMI Code Execution PoC (CVE-2018-1297). Read more about Drupal (SA-CORE-2019-008) Wordspaces Extension Access Bypass PoC
Archives for July 2019
UPDATE: OWASP Dependency-Check 5.1.0
My first post about this open source OWASP project was about an older version. Some days back, a new version was released. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 5.1.0, which includes a lot of bug fixes and enhancements. Read more about UPDATE: OWASP Dependency-Check 5.1.0