Slide 31
Code vulnerabilities
Cross-Site Scripting - XSS (JSON, Content Tag), SQL and
Command Injection, Mass Assignment, Attribute Restriction,
Cross-Site Request Forgery, Unsafe Redirects, Default Routes,
Format Validation (multiline regexp), Denial of Service (CPU,
memory, ...), Dynamic Render Paths, Dangerous Evaluation,
Unsafe Deserialization, File Access, Basic Authentication,
Session Settings, Information Disclosure, Dangerous Send,
Mail Link, Remote Code Execution, Remote Execution in YAML.load.