Y
Hacker News
new
|
ask
|
show
|
jobs
by
jamesfinlayson
1190 days ago
I once fixed a Contact Us form that allowed the recipient email address to be overwritten, so anyone could put their spam in the body and sent it to anyone via that form.