
Episode 11: CV$$, Web Cache Deception, and SSTI
Critical Thinking - Bug Bounty Podcast
CVSS and the OWASP Rating System
I was a big hater on CVSS for a while. And then I went and saw the alternatives and I was like, you know what? CVSS ain't so bad. Now that I come to think of it. So if you really want to be a sleuth, then you can go figure it out who it is. But there's a specific program that doesn't use a platform that I hack on from time to time. And they do not use this, they use the OWASP rating system. It is impossible to get a critical vulnerability in that system. You could be holding, you know, you could be in their bank account, transferring money away. Like it


