Hacker News
by nurple 972 days ago
All they had to do was add and validate a nonce value in the state, or at the very least, to triage, sanitize the subdomain value. The latter would literally be a 10-minute fix.
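One way to implement both fixes named in the comment above, as an added example that is not part of the original comment or the affected project's code. It assumes the "state" is an OAuth-style state parameter that carries a tenant subdomain used to build the post-login redirect; the key handling, the `session` dict, `example.com` and all function names are hypothetical.

```python
import base64, hashlib, hmac, json, re, secrets

# Assumption: server-side signing key; generated per process for this demo.
STATE_KEY = secrets.token_bytes(32)
# One DNS label only: lowercase letters, digits, inner hyphens, max 63 chars.
LABEL_RE = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")
BASE_DOMAIN = "example.com"  # hypothetical base domain


def _sign(payload: bytes) -> str:
    return hmac.new(STATE_KEY, payload, hashlib.sha256).hexdigest()


def new_state(session: dict, subdomain: str) -> str:
    """Issue a state value bound to this session by a single-use nonce."""
    if not LABEL_RE.fullmatch(subdomain):
        raise ValueError("invalid subdomain")
    nonce = secrets.token_urlsafe(16)
    session["state_nonce"] = nonce  # kept server-side, never trusted from the URL
    payload = json.dumps({"n": nonce, "sub": subdomain}).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload)


def redirect_target(session: dict, state: str) -> str:
    """Validate a returned state and build the redirect URL, or raise ValueError."""
    expected = session.pop("state_nonce", None)  # pop makes the nonce single use
    try:
        blob, sig = state.split(".")
        payload = base64.urlsafe_b64decode(blob)
        if not hmac.compare_digest(sig, _sign(payload)):
            raise ValueError("bad signature")
        data = json.loads(payload)
        nonce, sub = data["n"], data["sub"]
    except (ValueError, KeyError, TypeError) as exc:
        raise ValueError("malformed or tampered state") from exc
    if expected is None or not hmac.compare_digest(str(nonce), expected):
        raise ValueError("state nonce does not match this session")
    # Re-check the subdomain on the way back in, even though it was signed.
    if not isinstance(sub, str) or not LABEL_RE.fullmatch(sub):
        raise ValueError("invalid subdomain")
    return f"https://{sub}.{BASE_DOMAIN}/callback"
```

The nonce check stops a state issued in one session from being accepted in another, and the single-label pattern rejects dots, slashes and other characters that could move the redirect off the base domain.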