StackStorm - From Originull to RCE - CVE-2019-9580


StackStorm (aka “IFTTT for Ops”) is event-driven automation for auto-remediation, security responses, troubleshooting, deployments, and more. In this blogpost I will describe how can you cause RCE on targeted servers which only requires an authenticated user browse to malicious webpage.

Read More

Youtube - Open redirection


Google fixed this a year after I reported this bug and yet refused to accept this as a vulnerability, got no luck with bug-bounties haha

Read More