null

^^ That one appears in like every pentest I get to review 😄

MichalKleiner

yeah, don’t need details, but there are things appearing lately, i.e. last year, this year, for new sites getting security reviewed, calling out things that were in the “default cwp codebase” for some time already

nightjarnz

I don't think that is information that should be shared @MichalKleiner.

MichalKleiner

I mean on behalf of DIA, not a project level testing

MichalKleiner

I’m wondering what level of scrutiny the whole cwp recipe/stack received in this regard