Nice work concatenating SQL queries with variables, #Cloudflare! 👏 :blobfoxangrylaugh:...
Nice work concatenating SQL queries with variables, #Cloudflare! 👏 :blobfoxangrylaugh:
Oh, btw, they're supposed to be a #cybersecurity company so IT'S BAD.
Oh and guess what? They marked the comment related to this as spam. :blobcat_thisisfine:
Nice work concatenating SQL queries with variables, #Cloudflare! 👏 :blobfoxangrylaugh:
Oh, btw, they're supposed to be a #cybersecurity company so IT'S BAD.
Oh and guess what? They marked the comment related to this as spam. :blobcat_thisisfine:
#decloudflare #infosec
A GitHub comment by WesleyAC marked as spam that reads: it's also real cool and good to assemble the sql statements with string interpolation. afaict that doesn't cause any sql injection problems in the current code, but as soon as there's a path that calls getObjectBy with a attacker-controlled key or something like that there's gonna be problems. definitely not a sign of half baked software rushed to ship or anything like that!
brak komentarzy