
#SecurityExplained S-12: Vulnerable Code-1

The below code is vulnerable to cross-site scripting attacks due to improper filtration! The encoding is missing a single quote (') and it is possible to execute an XSS with payloads such as: '+alert(1)+'. [1/2]
What could possibly go wrong with the below piece of code?
— Harsh Bothra (@harshbothra_) January 12, 2022
Code Source: OWASP Secure Coding Dojo
[Explanation will be posted in today's #SecurityExplained] #AppSec #infosec #WebSecurity #bugbounty #codereview pic.twitter.com/BKcC3zUmS3
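
The missing-quote flaw described in the thread, shown as an added example that is not the code from the tweet's screenshot or from OWASP Secure Coding Dojo. It assumes the value is written into a single-quoted JavaScript string in an inline script; `weakEncode`, `jsStringEscape`, `renderInline` and `leavesStringLiteral` are hypothetical names.

```javascript
// Added example; function names are hypothetical, the payload is the one quoted in the tweet.
// Assumed sink: an inline script that does  var name = '<value>';

// Entity encoder that covers & < > " but omits the single quote (the flaw described).
function weakEncode(input) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;' };
  return String(input).replace(/[&<>"]/g, (ch) => map[ch]);
}

// Context-appropriate encoder for a JavaScript string literal: every
// non-alphanumeric code unit becomes \uXXXX, so quotes, backslashes, line
// breaks and "</script>" can never appear raw in the output.
function jsStringEscape(input) {
  return String(input).replace(/[^A-Za-z0-9]/g, (ch) =>
    '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Build the statement the page would emit.
function renderInline(encoder, value) {
  return "var name = '" + encoder(value) + "';";
}

// True if the encoded value contains a raw quote or line break that would
// terminate the surrounding single-quoted literal.
function leavesStringLiteral(encoded) {
  for (let i = 0; i < encoded.length; i++) {
    if (encoded[i] === '\\') { i++; continue; } // skip the escaped character
    if ("'\n\r".includes(encoded[i])) return true;
  }
  return false;
}

const payload = "'+alert(1)+'"; // from the tweet
for (const [label, enc] of [['weak', weakEncode], ['js-escape', jsStringEscape]]) {
  console.log(label.padEnd(10), renderInline(enc, payload),
    leavesStringLiteral(enc(payload)) ? '<- breaks out' : '<- stays data');
}
```

HTML entity encoding alone is the wrong tool for this sink even with the quote added, because entities inside an event-handler attribute are decoded before the JavaScript is parsed; the encoder has to match the context the value lands in.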