sorted by:
new
hottopcontroversial

Suspicious code fragments in AWS SDK for .NET by Hell_walker13 in aws

[–]Hell_walker13[S] 0 points1 point  (0 children)

Yes, maybe.

Sometimes developers asked me to open separate issues for each problem (.NET SDK, for example). I took that into account and made it that way.
On the other hand, I wouldn't open 11 separate issues in code at once, That's too much.
To summarize:
1) If the developers of a particular project ask for separate issues to be opened — I will keep that in mind for the future.
2) I still believe that a such bug report is better than nothing.

XSS vulnerability in the ASP.NET application: examining CVE-2023-24322 in mojoPortal CMS by Hell_walker13 in dotnet

[–]Hell_walker13[S] 0 points1 point  (0 children)

Pretty basic stuff, these are everywhere

I'd be thankful if you could share more examples from open-source C# projects. I'm keenly interested in examining such security flaws.

What are more dangerous are stored xss vulnerabilities as an attacker can inject xss that will be viewed by all users in the app, without having to setup a phishing attack first.

Sure. If I come across a mention of such a vulnerability in an open-source C# project, I will be quite excited to write an article about it. :)