
Submit a Pull Request to Inject Arbitrary JavaScript Code into Trump's Site - morninj
https://blog.chibicode.com/you-can-submit-a-pull-request-to-inject-arbitrary-js-code-into-donald-trumps-site-here-s-how-782aa6a17a56#.skzzncv32
======
a3n
A similar thing happened to Microsoft ten years back, when they hotlinked to
an image on flickr and violated the CC licensing by doing so. The owner of the
image swapped out his original image at the link, replacing it with the
infamous goatse image, which appeared on Microsoft's site for some period of
time.

The image owner wrote it up on his blog. You don't _really_ need to follow
links to the goatse image or a screenshot of the Microsoft page displaying the
image, but they are there:
[http://www.niallkennedy.com/blog/2006/12/microsoft-
copyright...](http://www.niallkennedy.com/blog/2006/12/microsoft-copyright-
photograph.html)

------
morninj
(This vulnerability has been fixed, but there wasn't enough space in the title
field to say so.)

