Рет қаралды 13,692
In this presentation, I'll walk through a number of information disclosure vulnerabilities I've found in mature programs overlooked by other researchers specifically in HTML page sources and APIs. In doing so, I'll demonstrate the design pattern in Rails that makes this an easy mistake to make, especially when combined with a front end JavaScript library like React or Angular.
Have questions? Ask them on the Bugcrowd forum: bgcd.co/2thaRxc
Join Bugcrowd today: bgcd.co/2up2fUH