Posted by Security Explorations on Dec 16
Hello All,
We would like to provide a status update to the initial
announcement [1] made a week ago regarding our SE-2014-02
security research project targeting Google App Engine
for Java.
Information regarding vulnerabilities and associated PoC
codes (Issues 1-22 / unconfirmed Issues 23-35) was sent
to Google on Dec 07, 2014.
Google has been able to reproduce the issues locally, but
when tried in production some of them didn’t seem to…