Vanessa Henderson

Posts by Vanessa Henderson
  • Handlebars.js Vulnerability Impact Study
    | By Vanessa Henderson

    A few weeks ago, I described a cross-site scripting vulnerability in the popular handlebars.js library in my blog post here. A number of other JavaScript libraries and applications were also affected because of copy-and-pasted code and a tendency for developers to include and distribute the…

  • Cut-and-paste component vulnerabilities…
    | By Vanessa Henderson

    Today, we are going to explore a cross-site scripting vulnerability in the popular handlebars library. The handlebars library provides a logicless templating language that enables you to separate the view and the rest of your code. This library is based off of the popular mustache templating…

  • Google authentication and passportjs -…
    | By Vanessa Henderson

    As you may remember from my introduction post, one of the projects that I'm working on at the moment is SRC:CLR's intranet, dubbed iono. I haven't built iono from scratch; the base code was hacked out by my fellow engineers in a weekend flat, so as you can imagine there are a few issues I am finding…
