Discovery of CVE-2022-24833
When on a security audit for a client it was discovered that a key component – the open-source private paste service PrivateBin contained a previously undocumented flaw. Cross-site-scripting is nothing new. I actually feel there must be prehistoric cave paintings and markings somewhere in the world containing some variation of <script>alert(1)</script>. Although XSS payloads embedded […]