Hacker News new | comments | show | ask | jobs | submit login

Indeed, I've quoted that article. But it doesn't talk about random parameters which makes it so easy to attack any website not just your own where you know what the urls are.

Nothing mind blowing, same vulnerability really, there are many ways to extend the core issue.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact