JavaScrypto - SECCON CTF24
Using prototype pollution to get XSS bypassing AES protections and gaining impact via localstorage partitioning
2025-01-30
Ruby class pollution research - Rotate Chains
Abusing ruby class pollution via a new method called rotate chains to get SQLI and then exploiting a 1-gadget ruby deserialization gadget to get RCE.