Contents
References
- Portswigger: Insecure Deserialization
- New Wine in Old Bottle - Microsoft Sharepoint Post-Auth Deserialization RCE (CVE-2022-29108)
- CVE-2022-26133
- Unauthenticated Remote Code Execution in Cisco Nexus Dashboard Fabric Controller (formerly DCNM)
- Ruby Deserialization - Gadget on Rails
- HigherLogic Community RCE Vulnerability
- The Story of an RCE on a Java Web Application
- Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1
- Searching for Deserialization Protection Bypasses in Microsoft Exchange (CVE-2022–21969)