Selected Findings
| Finding | Type | Severity | Status |
|---|---|---|---|
| mXSS in Rust HTML Sanitizer | XSS | Moderate | CVE-2026-63430 |
| Remote Code Execution (3 paths) | Command Injection | Critical | Paid - blog soon |
| OAuth Wildcard Redirect Bypass | Authentication Bypass | Critical | Under review |
| Post-Eviction Meeting Recording | Access Control | High | Under review |
| SSRF → Internal Data Exposure | SSRF | High | Paid - disclosure pending |
About
Application Security Researcher focused on vulnerability research, offensive security automation, and AI-assisted application security.
- Certification: CPTS (Hack The Box)
- CVE: GHSA-9jh8-v38h-cvhr (ammonia mXSS)
- Contact: ivanivancic721@gmail.com