• Reliant1087@lemmy.world
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      I was just thinking how the developer of kbin made a post regarding a similar bug in kbin and some people made fun of him for missing something so obvious, and here we are 🤨

        • nottheengineer@feddit.de
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          I’d call the second group fools because those are generally the ones that the system is trying to be safe against.

        • marcos@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          If you are creating some software in 2023, it should not be vulnerable to SQL injection.

          There’s no “but” or “unless”.

          I really wished the presentation layer and session management had that kind of clear interfaces, instead we are stuck into only solving some 99.9% of CSS and 90% of CSRF. But SQL injection is 100% complete solved for good.

        • Rhaedas@kbin.social
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          The difference is that here lots of people posted about it and action was taken. If this was corporate owned, any suggestions of a problem would have been removed or denied, and months later after it hits public media they would have admitted there might have been a problem, and here’s some free identity theft protection if you feel like you were affected.