Justin Steven (@Justinsteven)

Title	Vulnerabilities	Programs	Authors
postMessage DOM XSS vulnerability in Gartner Peer Insights widget	PostMessage DOM XSS	Gartner Gradle LogRhythm SentinelOne Synopsys Veeam Vodafone Black Kite ReversingLabs Tata Communications	Justin Steven (@Justinsteven)
Amazon Linux "log4j hotpatch" <1.3-5 local privilege escalation to root (race condition)	Local Privilege Escalation	Amazon	Justin Steven (@Justinsteven)
Git honours embedded bare repos, and exploitation via core.fsmonitor in a directory's .git/config affects IDEs, shell prompts and Git pillagers	RCE	GitHub Microsoft JetBrains	Justin Steven (@Justinsteven)
GitHub Actions check-spelling community workflow - GITHUB_TOKEN leakage via advice.txt symlink	Logic Flaw Information Disclosure	GitHub	Justin Steven (@Justinsteven)
OVE-20210809-0001 Visual Studio Code .ipynb Jupyter Notebook XSS (Arbitrary File Read)	XSS Arbitrary File Read	Microsoft	Justin Steven (@Justinsteven)

Page 1 of 1