• Reliant1087@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    1 year ago

    I was just thinking how the developer of kbin made a post regarding a similar bug in kbin and some people made fun of him for missing something so obvious, and here we are 🤨

      • nottheengineer@feddit.de
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I’d call the second group fools because those are generally the ones that the system is trying to be safe against.

      • marcos@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        If you are creating some software in 2023, it should not be vulnerable to SQL injection.

        There’s no “but” or “unless”.

        I really wished the presentation layer and session management had that kind of clear interfaces, instead we are stuck into only solving some 99.9% of CSS and 90% of CSRF. But SQL injection is 100% complete solved for good.

      • Rhaedas@kbin.social
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        The difference is that here lots of people posted about it and action was taken. If this was corporate owned, any suggestions of a problem would have been removed or denied, and months later after it hits public media they would have admitted there might have been a problem, and here’s some free identity theft protection if you feel like you were affected.