kravietz 🦇: "@saper@mastodon.social Yeah, Michał came up with …" - Mastodon 🔐 privacytools.io

Oct 24, 2019, 18:41

kravietz 🦇 @kravietz@social.privacytools.io

This exploit is beautiful in every aspect CVE-2019-7609. Upgrade your Kibana. https://www.tenable.com/blog/cve-2019-7609-exploit-script-available-for-kibana-remote-code-execution-vulnerability #kibana #security #javascript #nodejs

55e5b56545fe8bd9.jpeg

1

Oct 24, 2019, 19:14

Marcin Cieślak @saper@mastodon.social

@kravietz #javascriptshock?

1

kravietz 🦇 @kravietz@social.privacytools.io

@saper Yeah, Michał came up with not so romantic name for it!

Oct 24, 2019, 20:38 · · · ·

Oct 24, 2019, 20:56

Marcin Cieślak @saper@mastodon.social

@kravietz was it more like #!$(@#)$ btw. https://slides.com/securitymb/prototype-pollution-in-kibana#/25 is oversimiplification

0

Sign in to participate in the conversation