THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
While working on the serialize vulnerability, I (Jacques Le Roux) stumbled upon this article "Closing the open door of java object serialization" and found notsoserial was a better Java agent than the OWASP one 's I introduced at r1717058. Because it easily protects you from all possible serialize vulnerabilities as explained here! So I replaced contrast-rO0.jar by notsoserial-1.0-SNAPSHOT at r1730735 + r1730736(see
Jira | ||||||
---|---|---|---|---|---|---|
|
...