7 points | by redfr0g 6 hours ago ago
2 comments
How Striga uncovered a critical sandbox escape and unsanitized node name injection in n8n's expression engine, chaining them into full Remote Code Execution.
This is why AST-based sandboxing in JavaScript is fundamentally fragile, every new syntax feature is a potential gap
How Striga uncovered a critical sandbox escape and unsanitized node name injection in n8n's expression engine, chaining them into full Remote Code Execution.
This is why AST-based sandboxing in JavaScript is fundamentally fragile, every new syntax feature is a potential gap