Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
ITunes website open to HTML injection...again (lgt example). [WARNING: autoplay] (apple.com)
16 points by blhack on Nov 18, 2009 | hide | past | favorite | 7 comments


Credit to SSChicken who pointed this out in a reddit comment thread.

Permalink to their commment:

http://www.reddit.com/r/technology/comments/a5osy/oh_apple_w...


And this is interesting because...?


Because we'd like to think professionals (particularly those who flog their platforms' security) would validate their input, in this, the year 2009.


What vendor has not had similar problems in 2009? What's the vendor that says negative things about their own security?


To me, it's interesting that Apple doesn't seem to have performed an audit (or hell, a search&replace) after the first time this came up.

Fool me once...


Well, it looks as though they have fixed it for now. Apple, this is depressing.


Somehow I never tire of these. :-)




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: