← Back to context Comment by ikmckenz 8 months ago Related: https://arstechnica.com/gadgets/2025/05/open-source-project-... 2 comments ikmckenz Reply moyix 8 months ago The main difference is that all of the vulnerabilities reported here are real, many quite critical (XXE, RCE, SQLi, etc.). To be fair there were definitely a lot of XSS, but the main reason for that is that it's a really common vulnerability. ikmckenz 8 months ago All of them are real? You have a 100% rate of reports closed as valid?
moyix 8 months ago The main difference is that all of the vulnerabilities reported here are real, many quite critical (XXE, RCE, SQLi, etc.). To be fair there were definitely a lot of XSS, but the main reason for that is that it's a really common vulnerability. ikmckenz 8 months ago All of them are real? You have a 100% rate of reports closed as valid?
The main difference is that all of the vulnerabilities reported here are real, many quite critical (XXE, RCE, SQLi, etc.). To be fair there were definitely a lot of XSS, but the main reason for that is that it's a really common vulnerability.
All of them are real? You have a 100% rate of reports closed as valid?