Y
Hacker News
new
|
ask
|
show
|
jobs
by
jt3
2828 days ago
Being an application security consultant, I see this stuff a lot unfortunately. Just takes a missing authorization check on the feature, then you got the keys to the kingdom.