Latest Posts

Weekly Update 445

Well, this certainly isn’t what I expected to be talking about this week! But I think the fact it was someone most people didn’t expect to be on the receiving….

W3C – CSS Validator XXE

**security-research** Public # W3C – CSS Validator XXE ## Package ## Affected versions ## Patched versions ## Description ### Summary All versions of W3C CSS validator are vulnerable to XXE….

CSPT Resources

# CSPT Resources 27 Mar 2025 – Posted by Maxence Schmitt As a follow up to Maxence Schmitt’s research on **Client-Side Path Traversal (CSPT)**, we wanted to encourage researchers, bug….