GitHub

Scanner treats backslash as escape character outside quoted strings, diverging from Jinja2 behaviour

In Jinja2, the template scanner is not responsible for backslash interpretation. It locates block/variable/comment delimiters, extracts the raw content between them, and passes it to Python's ...
GitHub

Sandbox Bypass via JavaType-Based Deserialization

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
SecurityWeek

Over 30 Vulnerabilities Discovered Across 20 CMS Products

Researchers have identified more than 30 vulnerabilities across 20 popular content management systems (CMS), including Microsoft SharePoint and Atlassian Confluence. The research was conducted by ...