Bálint Magyar's articles

Client-side RCE via CSS Injection in Google Web Designer for Windows

Client-side RCE via Improper URL Parsing in Google Web Designer for Windows: CVE-2025-4613

Client-side RCE via Symlink Following in Google Web Designer for macOS/Linux: CVE-2025-1079

Text Injection But Make It Spicy: Rendering QR Codes With Unicode Block Characters