Slides
Abstract
This presentation takes you to a tour of how not to handle vulnerability disclosures and how not to add a third party library in your system without keeping a track on the upstream.
The presentation is visual version of blog post A story of forgotten disclosure and DOM XSS