ndw’s avatarndw’s Twitter Archive—№ 33,789

  1. …in reply to @undefined
    @_james_fuller The exploit tunnels through the public identifier which System.Xml.UriResolver treats as a relative URI (I kid you not) so XInclude isn't a vector for this attack.
    On twitter.com Twitter logo ndw’s avatar Mood -3 🙁