BACK TO LIST

Chris Davis

Security Consultant

Chris Davis is a Security Consultant at Bishop Fox. His areas of expertise are application penetration testing (static and dynamic) and external network penetration testing.

Chris actively conducts independent security research and has been credited with the discovery of 34 CVEs (including CVE-2019-7551 and CVE-2018-17150) on enterprise-level, highly distributed software. The vulnerabilities he identified included remote code execution and cross-site scripting (XSS).

Chris completed the Cybersecurity Training Program at SecureSet Academy in addition to coursework at Metropolitan State University of Denver.

The Latest From Chris

Tech Blog
LEXSS: Bypassing Lexical Parsing Security Controls
Jun 22, 2021 5:00:00 AM | By Chris Davis
TL;DR By using special HTML tags that leverage HTML parsing logic, it is possible to achieve cross-site scripting (XSS) even in instances where... continue reading
Advisories
Froala Editor Version 3.2.6
Jun 2, 2021 5:00:00 AM | By Chris Davis
ADVISORY SUMMARY The following describes an identified vulnerability in the Froala application in version 3.2.6. Froala is in use on thousands of... continue reading
Advisories
CRAN Version 4.0.2
Jan 11, 2021 5:00:00 AM | By Chris Davis Joe DeMesy,
ADVISORY SUMMARY The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server... continue reading
Advisories
Immuta Version 2.8.2
Nov 4, 2020 6:00:00 AM | By Chris Davis Nazariy Haliley, Ruihai Fang,
ADVISORY SUMMARY Two cross-site scripting (XSS) vulnerabilities were discovered in the Immuta application. One instance was stored XSS that could... continue reading
Advisories
Winston Privacy Version 1.5.4
Oct 27, 2020 5:00:00 AM | By Chris Davis Justin Paglierani,
ADVISORY SUMMARY The Winston Privacy device was affected by critical and high-risk issues, including a severe command injection vulnerability. The... continue reading
Advisories
TinyMCE — Version 5.2.1
Aug 12, 2020 5:00:00 AM | By Chris Davis George Steketee,
ADVISORY SUMMARY The following document describes an identified vulnerability in the TinyMCE application in version 5.2.1. TinyMCE is in use on... continue reading
Advisories
LibreHealth Version 2.0.0
Jul 14, 2020 3:07:20 PM | By Chris Davis
ADVISORY SUMMARY The following document describes identified vulnerabilities in the LibreHealth application version 2.0.0. Five high-risk issues... continue reading
Advisories
SecureAuth Version 9.3
Jun 19, 2020 5:00:00 AM | By Chris Davis Robert Punnett,
ADVISORY SUMMARY One low-risk vulnerability was discovered within the SecureAuth IdP v9.3 application. This vulnerability could allow malicious... continue reading
Advisories
Big Monitoring Fabric Application
Dec 30, 2019 10:26:22 AM | By Chris Davis
ADVISORY SUMMARY The following document describes identified vulnerabilities in the Big Monitoring Fabric application. Two high-risk... continue reading
Advisories
Solismed Version 3.3SP1
Dec 9, 2019 7:00:00 AM | By Chris Davis
ADVISORY SUMMARY Nine vulnerabilities were identified within the Solismed application. The following document describes identified vulnerabilities... continue reading
Industry Blog
OpenEMR 5.0.1(6) - Technical Advisory Release
Sep 11, 2019 9:00:00 AM | By Chris Davis
OpenEMR is the world’s most popular open source electronic health records and medical practice management solution, and is used globally to manage... continue reading
Advisories
OpenEMR 5.0.1(6) - RCE and XSS
Sep 10, 2019 5:43:00 AM | By Chris Davis
ADVISORY SUMMARY OpenEMR is a widely used open source medical records management tool. The latest version at the time of this research was... continue reading
Advisories
InterSystems Cache 2017.2.2.865.0 and 2018.1.2 Multiple Vulnerabilities
Jul 24, 2019 9:00:00 AM | By Chris Davis
ADVISORY SUMMARY InterSystems Corporation is a software systems and technology vendor for government, business, and healthcare industries. The... continue reading
Advisories
Cantemo Portal Version 3.8.4 - Cross-Site Scripting
Mar 8, 2019 12:41:18 PM | By Chris Davis
Product Vendor Cantemo AB continue reading

MANAGED SERVICES

CONSULTING SERVICES

PARTNER PROGRAMS

LABS | RESEARCH & RESOURCES

CAREERS

COMPANY

COMMUNITY

CONTACT

ADDRESS

8240 S. Kyrene Rd.
Suite A113
Tempe, AZ
85284
United States

Copyright © 2021   Bishop Fox Privacy Statement