|
|
|
|
|
|
by ajross
439 days ago
|
|
|
> Any vulnerability that can be characterised as "pass contents through parser, full RCE" is a 10/10 vulnerability for me And I think that's just wildly wrong sorry. I view something exploited in the wild to compromise real systems as a higher impact than something that isn't, and want to see a "score" value that reflects that (IMHO, critical) distinction. Agree to disagree, as it were. |
|
|