John Simpson is a Senior Security Researcher at Veracode. He is an experienced N-day vulnerability researcher and has performed root-cause analysis on hundreds of vulnerabilities over the span of several years. He now focuses on applying the knowledge gained from vulnerability research into improving Veracode’s static analysis service across a variety of languages and technologies.
Back in 2022 while browsing through lists of recently disclosed vulnerabilities, I happened upon some Adobe Commerce/Magento Open Source vulnerabilities [1], that were reported to be exploited in the wild and can be exploited to achieve remote code execution, a combination which always motivates me…
