Hacker News
by shreddit 1777 days ago
My company is a distributor of a document management software, which also provides an API which connects directly to the underlying database. It's a very basic one I would never let touch the internet directly. 2 weeks ago I saw that another partner did connect it directly to the web with an Angular frontend, exposing the login credentials (baked in the frontend). So their database is basically open to the world.

I told them, but they responded with something like "We are currently unable to change that. There are plans to change that in the future though".

1 comments

Wait... you have nobody in charge of security in your company?