Compromising Thousands of Websites Through a CDN
https://updatesinfosec.blogspot.com/2018/05/compromising-thousands-of-websites.html
In summary: When you request a URL like https://unpkg.com/react@16.3.2/, unpkg checks if it already has the package downloaded and extracted at /tmp/unpkg-react-16.3.2/. If it doesn’t, it pulls the corresponding tar file from npm. [...] Kindly refer to the following link as a follow-up:
https://ift.tt/2s2nuJw