killchain-compendium/Exploits/Ruby/yaml_load.md

YAML.load deserialization

RCE is is possible via YAML file deserialization through yaml.load().

• staadraad describes how and provides a payload