Clop seems to be on a roll, first with GoAnywhere and now with Moveit

  • argv_minus_one@beehaw.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    SQL injection? Oh, good grief. Here I was assuming it was some subtle bug, like use-after-free or using a cryptographic primitive slightly wrong—an honest mistake made by a developer who’s working too hard. But SQL injection vulnerabilities are the result of doing something we’ve been taught for decades to never do, so I can’t imagine any excuse for this.