Cross-Site Scripting (XSS) in Go
Guessing unknown MIME types
The other day I was investigating the findings of a certain SAST scanner for a Go project. In particular, I was analyzing the Reflected Cross-Site Scripting (XSS) results. At first glance, one of these results looked like a True Positive (TP) — it was writing a partially user-controllable value directly...
[Read More]