On Sun, Oct 30, 2016 at 6:21 AM, Stanislav Malyshev <smalys...@gmail.com> wrote:
> Hi! > > So I wrote a first version of the document Anatol mentioned: > > https://wiki.php.net/security > > Please comment. Fixes to the grammar and typos are especially welcome > (you can just do them in the wiki without asking :) > It would be nice to add specific examples (e.g. the string overflow case to low). I'm also wondering under which category unserialize() issues would (usually) fall. I'd assume "low" (because requires documented insecure code + well known class of vulnerabilities). Nikita
