Y
Hacker News
new
|
ask
|
show
|
jobs
by
vinhboy
4904 days ago
Wait, what? What if the app does not parse ANY user provided XML or YAML at all?
1 comments
tptacek
4904 days ago
That does not matter.
link
vinhboy
4904 days ago
Holy cow. I just figured out how to send the payload. This thing is seriously bad news.
I still haven't figured out an attack vector yet, but least I now know that my patches are working!
link