|
|
|
|
|
|
by tptacek
4904 days ago
|
|
|
This one is not blown out of proportion. Lots of people have working proof-of-concept exploits for this. The vulnerability has no app dependencies. You don't need a session secret. You don't need a login. There are vectors for the vulnerability that will work against applications that don't even have exposed controllers. |
|
|