@bascule The existence of SQLi in a mature framework is basically unforgivable in 2013. At the very least, it's a huge black eye.
@KirinDave it's. not. exploitable.
@bascule you probably knew by now though, sorry. Reading my feed once a day.
@bascule @tqbf mentioned (in HN comments) that there is a possibility, but didn't want to disclose. See http://news.ycombinator.com/item?id=5002165
@bascule That said, my opinion of rails changes very little. My security friends warn me constantly about it as they discover new attacks.
@bascule Session fixation attacks are a real thing.