Hacker News new | comments | show | ask | jobs | submit login

In the meantime, can you confirm that the disabling of XML and YAML inputs fully mitigates the RCE as well as the SQLi?



The vectors for both are the same. The term "SQLI" here is very misleading.


Yes.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: