IDOR Vulnerability: What is it and how to prevent it?
Interestingly enough, the IDOR vulnerability type is found as a CVE more commonly in some languages rather than others. Why is that and how can you prevent it?
The Node.js Secure Coding Blog
The security vulnerability of serving images via a route as opposed to static middleware in Node.js
The most upvoted Reddit answer to a question about serving images via a route in Express.js is a security vulnerability waiting to happen.
Why is it considered a bad practice to write raw SQL commands?
Are we going to settle the debate between raw SQL queries and ORMs once and for all? Let's explore the pros and cons of each approach and find the right balance between control and convenience.
JS Security Concepts for JavaScript Developers
Enhance your development workflow with JavaScript security best practices. Learn about Content Security Policy (CSP) in Nuxt.js, avoiding `eval` and `new Function` with untrusted input, secure DOM manipulation, cookie security, and third-party integration.
Secure Coding Practices in Node.js Against Path Traversal Vulnerabilities
Path traversal vulnerabilities were discovered in webpack and backstage npm packages. Learn secure coding practices to prevent path traversal attacks in Node.js applications.
Secure JavaScript Coding Practices Against Command Injection Vulnerabilities
Secure JavaScript coding practices are essential to prevent command injection vulnerabilities in Node.js applications. Learn how to avoid common pitfalls and protect your code from exploitation.