CSecGroup'Blog
Blog posted within CSecGroup, listed in reverse chronological order.
- 2018
- CVE-2018-1260 spring-security-oauth2 RCE Analysis. 2018.10.05
- GitLab web hooks SSRF(CVE-2018-8801) Patch analysis and How to safely fix SSRF. 2018.05.02
- SpringBoot应用监控Actuator使用的安全隐患. 2018.03.29
- 从S2-052补丁分析Xstream反序列化漏洞修复方案. 2018.03.12
- 2017
- 应用安全:JAVA反序列化漏洞之殇. 2017.10.12
- Struts2漏洞利用原理及OGNL机制研究. 2017.03
- 2016
- SDL-软件安全设计初窥. 2016.11