all InfoSec news
Risky Click Text Editor Edition
DEV Community dev.to
šĀ Is this risky? Most devs are great at knowing what parts of their apps are easier or harder to implement but donāt have a great sense of which are more or less of a security risk.
āļøĀ Embedded document editing is surprisingly risky. A good example is the UEditor JS, which was shipped with multiple Java and .NET CMS projects, had over 6k stars on GitHub, and had a vulnerability that allowed for unrestricted file uploads to the server. ā¦
apps click document don easier editing editor embedded good great javascript parts risk risky click security security risk text text editor webdev