Chris Davis

Chris Davis

Chris Davis (Security +) is a Security Analyst at Bishop Fox. His areas of expertise are application penetration testing (static and dynamic) and external network penetration testing. Chris actively conducts independent security research and has been credited with the discovery of six CVEs (including CVE-2019-7551) on enterprise-level, highly distributed software. The vulnerabilities he identified included remote code execution and cross-site scripting (XSS). Chris completed the Cybersecurity Training Program at SecureSet Academy in addition to coursework at Metropolitan State University of Denver.

Recent Posts by Chris Davis:

by Chris Davis, on Sep 10, 2019 5:43:00 AM

ADVISORY SUMMARY OpenEMR is a widely used open source medical records management tool. The latest version at the time of this research was 5.0.1(6), older versions are believed but unconfirmed …

Read Details
Vulnerabilities:Cross-site ScriptingArbitrary Remote Code Execution

by Chris Davis, on Jul 24, 2019 9:00:00 AM

ADVISORY SUMMARY InterSystems Corporation is a software systems and technology vendor for government, business, and healthcare industries. The InterSystems Caché application is a high-performance object database. The latest version at …

Read Details
Vulnerabilities:Stored Cross-site ScriptingReflected Cross-site Scripting

by Chris Davis, on Mar 8, 2019 12:41:18 PM

Product Vendor Cantemo AB Product Description Cantemo AB is a software systems and technology vendor for major media outlets. The Cantemo Portal application is a high-performance media asset management tool …

Read Details
Vulnerabilities:Stored Cross-site ScriptingCross-site Scripting

Vulnerability Disclosure Policy

Bishop Fox takes security issues very seriously. We believe in coordinated disclosure, and we work closely with vendors and clients to patch vulnerabilities promptly. More on our Disclosure Policy →

Subscribe to Updates