by g105b 1368 days ago
I'm really sorry, but I'm the one who just broke it :S

I was leaving a friendly message on other people's todo lists to expose a vulnerability, but somehow I ended up breaking it completely, and I regret that now.

Please see this as constructive feedback. The vulnerability I was exploiting was an insecure direct object reference (https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Dire...), but there are many other vulnerabilities there too, like Cross Site Scripting (https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Sc...).

Again, I'm really sorry to break your application, but I'm more than happy to help fix the vulnerabilities - is the application open source anywhere?
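The two bug classes named in the post, shown side by side in an added example; this is not code from anotherdarntodolist or from either poster, and the todo store, user names and function names are constructed for illustration. The insecure handler trusts the list id from the request and never compares the caller with the list's owner (the IDOR), the fixed handler authorises against the server-side session, and the renderer escapes item text on output so a list item like `<img onerror=...>` cannot run as script (the XSS):

```javascript
// Added example (not the project's code): minimal in-memory model of a todo
// service showing an insecure direct object reference and its fix, plus
// output encoding for the stored-XSS case. Names and data are constructed.

// Constructed sample data: two users, each owning one list.
function makeStore() {
  return new Map([
    [1, { id: 1, owner: 'alice', items: ['buy milk'] }],
    [2, { id: 2, owner: 'bob', items: ['call mum'] }],
  ]);
}

// Vulnerable: the list is looked up by the id the client supplied and the
// caller's identity is never checked, so any logged-in user can append to
// any list simply by changing the id in the request.
function addItemInsecure(store, session, listId, text) {
  const list = store.get(listId);
  if (!list) return { status: 404 };
  list.items.push(text);
  return { status: 200, items: list.items };
}

// Fixed: the ownership check uses the identity held server-side in the
// session, not anything the client sent. "Missing" and "not yours" both
// return 404 so the id space cannot be enumerated by probing for 403s.
function addItemSecure(store, session, listId, text) {
  const list = store.get(listId);
  if (!list || list.owner !== session.user) return { status: 404 };
  list.items.push(text);
  return { status: 200, items: list.items };
}

// Items are user-controlled text. Escape at render time (output encoding),
// not on the way in, so the stored value stays intact and every sink is safe.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderList(list) {
  return '<ul>' + list.items.map((i) => `<li>${escapeHtml(i)}</li>`).join('') + '</ul>';
}

// Demo: bob edits the list id in his own request to reach alice's list.
const demoStore = makeStore();
console.log(addItemInsecure(demoStore, { user: 'bob' }, 1, 'hello from bob').status); // 200 (IDOR)
console.log(addItemSecure(makeStore(), { user: 'bob' }, 1, 'hello from bob').status); // 404
console.log(renderList({ items: ['<img src=x onerror=alert(1)>'] }));
```

The same ownership check has to sit in front of every read, update and delete path, not just the one that was reported; an id that is hard to guess (a random token instead of a counter) is defence in depth, not a substitute for the check.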


Oh wow, thanks for finding this and letting me know. Have taken it offline until I can fix it. I'll open source it tomorrow, read the docs above and see if I can work out a fix.
No problem! It's the wild west out there - feel free to reach out if you need any help/guidance, I'm happy to help.
Hey man, thanks again for finding this. I've open-sourced the project now: https://github.com/cw12574/anotherdarntodolist

I'm trying to fix the 2 vulnerabilities that you mentioned. I'm pretty new to this though so am struggling a little. Is there any chance there's any way I could message you privately to ask a couple of questions?

Sure, my email's in my github of the same username.