Categories
Category //

Checkmarx Security Research Team

Rewriting Your History Using a Historical Vulnerability

In recent years, cross-site history manipulation (or XSHM for short) has garnered rising attention from our customers. With this and our team being inspired by this recent CSO article exploring legacy software bugs, we decided to take a closer look

CVE-2021-31800: How We Used Impacket to Hack Itself

According to its official documentation, Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets for some protocols (e.g. SMB1-3 and MSRPC), and for others, the protocol

The 0xDABB of Doom: CVE-2021-25641

Introduction When I previously wrote the original Dubbo publication, we disclosed that issue as it was mitigated by the vendor. While the Dubbo “HTTP” protocol in that disclosure was trivially vulnerable to the most common Java deserialization attacks (as evidenced

Solving ISA’s 2021 Web Challenges

Being part of the Checkmarx SCA Research Team who supports our next-gen Software Composition Analysis (SCA) solution, my team members and I often participate in Capture the Flag (CTF) types of competitions to hone our skills and share our knowledge

CVE-2020-35774: twitter-server XSS Vulnerability Discovered

According to its official documentation, “twitter-server” is a Twitter OSS project used to provide a template from which servers at Twitter are built. It provides common application components such as an administrative HTTP server, tracing, stats, and more, and is

Drupal Core: Behind the Vulnerability

As you may recall, back in June, Checkmarx disclosed multiple cross-site scripting (XSS) vulnerabilities impacting Drupal Core, listed as CVE-2020-13663, followed by a more technical breakdown of the findings in late November. Today, we’re releasing details surrounding additional, new vulnerabilities

Skip to content