Episode 11: CV$$, Web Cache Deception, and SSTI - podcast episode cover

Episode 11: CV$$, Web Cache Deception, and SSTI

Critical Thinking - Bug Bounty Podcast
Mar 16, 20231 hr 4 minSeason 1Ep. 11
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Episode 11: In this episode of Critical Thinking - Bug Bounty Podcast we talk about CVSS (the good, the bad, and the ugly), Web Cache Deception (an underrated vuln class) and a sick SSTI Joel and Fisher found.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

MDSec Outlook Vuln:

https://twitter.com/MDSecLabs/status/1635791863478091778

Jub0bs User-Existance Oracle Tweet:

https://twitter.com/jub0bs/status/1633786349529513986

James Kettle's Tweet About BB ID Header Standardization:

https://twitter.com/albinowax/status/1635951506791755776

15K Snapchat Numeric IDOR:

https://hackerone.com/reports/1819832

Bug Bounty Reports Explained:

https://www.bugbountyexplained.com/

CVSS Calculator:

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

Web Cache Deception Write-up:

https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack.pdf

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
Episode 11: CV$$, Web Cache Deception, and SSTI | Critical Thinking - Bug Bounty Podcast - Listen or read transcript on Metacast