Inside PostHog: SSRF, ClickHouse SQL Escape and Default Postgres Creds to RCE
via mdisec.com
Short excerpt below. Read at the original source.
Article URL: https://mdisec.com/inside-posthog-how-ssrf-a-clickhouse-sql-escaping-0day-and-default-postgresql-credentials-formed-an-rce-chain-zdi-25-099-zdi-25-097-zdi-25-096/ Comments URL: https://news.ycombinator.com/item?id=46305321 Points: 13 # Comments: 0