Topics

17 - Interesting user controlled variable
41 - RCE Javascript shelljs
42 - Framework Javascript express
62 - Sink Javascript jsonwebtoken
63 - Sink Javascript Angular Strict Contextual Escaping
64 - Sink Javascript Axios
101 - Language Javascript Common DOM Sources
102 - Rule Html Scan Javascript
104 - VID_INTERESTING_LANGUAGE_PHP_SERIALIZATION_ON_USER_CONTROLLED_DATA
109 - VID_LANGUAGE_JAVA_JACKSON
116 - VID_OS_NETWORK_WEB_REQUEST_JAVA_FRAMEWORK_SPRING
117 - VID_DOCUMENTATION_TODO
125 - VID_LANGUAGE_JAVA_JNI
132 - VID_LANGUAGE_PYTHON_OS
135 - VID_RULE_COMPUTE_PLUS
100008 - Rule statement compute assignment
100009 - Rule Compute Dot
400016 - Language Sql SELECT and user controlled

125 - VID_LANGUAGE_JAVA_JNI

Considerations


• Is the library filename an absolute path, or can it load from the current directory as well?