In this page, I'll link findings I never got around to write a full blog about.

Product	Summary	Link
Golang	CVE-2019-14809 - Hostname spoofing via crafted URLs	https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg https://github.com/golang/go/issues/29098
SameTime, MSN Messenger, Yahoo Messenger	Slides from the presentation I gave at OWASP 2015	http://bit.ly/StylishXSS
Chrome XSS Auditor	Bypass through HTTP Parameter Pollution (2012)	http://bit.ly/XssAuditor

Adi "Adico" Cohen - Security Research Blog