Cover art for CyberCode Academy

Course 38 - Web Security Known Web Attacks | Episode 2: RCE Filter Bypassing and JSON Hijacking

CyberCode Academy

Published
July 3, 2026
Duration
23:37
Summary source
description
Last updated
Jul 5, 2026

Discusses courses.

Summary

In this lesson, you’ll learn about: bypassing weak RCE filters and understanding JSON hijacking (legacy browser vulnerability)1. Why RCE Filters Fail🔹 Common mistake:Developers block specific characters (like ;)🔹 Problem:Attack surface is much larger than one delimiter👉 Key InsightBlacklisting single characters is not real security2. Alternative Comman…

Intelligent Report

Sign in to read teasers, or upgrade to Research Pro to commission intelligent report for this episode. Learn more →

Show notes

In this lesson, you’ll learn about: bypassing weak RCE filters and understanding JSON hijacking (legacy browser vulnerability)1. Why RCE Filters Fail🔹 Common mistake:Developers block specific characters (like ;)🔹 Problem:Attack surface is much larger than one delimiter👉 Key InsightBlacklisting single characters is not real security2. Alternative Command Operators🔹 Even if ; is blocked, others exist:&& → execute if first succeeds|| → execute if first fails| → pipe output& → background executi

Themes

  • courses
Course 38 - Web Security Known Web Attacks | Episode 2: RCE Filter Bypassing and JSON Hijacking | CyberCode Academy | Vagelintel