"Insecure Deserialisation" exercise not included in the programme and with wrong CWE

Question

"Insecure Deserialisation" exercise not included in the programme and with wrong CWE

MisterL2 opened this issue 4 years ago · 0 comments

There is a cwe509.html with an introduction to Insecure Deserialisation in trainingPortal/static/blackBelt/lessons/ which sounds very interesting, but it isn't included in the definitions.json or any of the belts. Also, Insecure Deserialisation is CWE 502, not 509.