Hacker News new | comments | show | ask | jobs | submit login

This is bad, bad, bad, bad! SQL injections, remote code execution, DoS. Pretty much everything is possible with this exploit. You don't even need the secret key which was required in the previous vulnerability.

Upgrade NOW.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact