|
|
|
|
|
|
by eatonphil
721 days ago
|
|
|
I love the reference to the ACIDRain paper in there. > They analyzed “12 popular self-hosted eCommenrce applications written in four languages and deployed on over 2M websites” and identified and verified “22 critical ACIDRain attacks that allow attackers to corrupt store inventory, over-spend gift cards, and steal inventory”. According to the paper, “Of the 22 vulnerabilities, five were level-based, meaning that the default weak isolation level led to the anomalies behind the vulnerabilities. http://www.bailis.org/papers/acidrain-sigmod2017.pdf |
|
|