PAPER 01 Security Research
A validated Critical that could not be exploited: extending Doyensec's Aikido vs XBOW study with live exploitation
Doyensec validated around 96% of Aikido's and XBOW's findings on Fider and Photoview, mostly by code review. We re-tested the impactful ones by live exploitation, confirming all four and ruling out a Critical SQL injection that does not actually inject.