|
|
|
|
|
|
by solenoid0937
64 days ago
|
|
|
It definitely is. You can use all sorts of vuln scanners to find vulns. Most codebases have vulns, and most vulns aren't even reachable. The hard part is chaining them together in a fire-and-forget exploit that gets you what you want from the target. |
|
|
RCE is effectively "can run code" which is just JavaScript if you ignore the sandbox.