jiNa OCR Image to Text 安全漏洞

jiNa OCR Image to Text is an open-source tool developed by Convertimagetotext, which supports extracting text from images. Version 1.0 of jiNa OCR Image to Text contains a security vulnerability. This vulnerability arises from a denial-of-service attack when processing deformed PNG files. It may...

h1-ctf: [h1-415 2020] @_bayotop h1-415-ctf writeup

TL;DR: Thanks for the challenge! 1. Abusing account recovery via QR codes to get access to [email protected]. 2. Blind XSS in /support/review/ including CSP bypass. 3. Missing input sanitization on name parameter when POSTing to /support/review/. 4. Access to remote debugging port on local...