Post by author: Olaf Kummer

Olaf Kummer is a Senior Software Engineer, employed with CoreMedia for most of the current millennium, focusing on servers, UIs and other components in between. On demand, he also acts as dev ops administrator, first-aider, all-knowing trash heap, security council and patent assistant. He sucks at tabletop soccer. Before joining CoreMedia, he worked as a research assistant at the department for Theoretical Computer Science of the University of Hamburg, specializing in concurrency theory and object-oriented Petri nets.



Jack in the Box: A Security Bug Story

XXE attacks are increasing. To harden our CMS against them, we implemented procedures proposed by OWASP. These worked fine – until they didn’t. Here’s what we did next.
