3. Have I "discovered" a glaringly obvious security risk in my company's new enterp...

Have I "discovered" a glaringly obvious security risk in my company's new enterprise application?

A lot of guides mention them in the same breath, but they aren't. SQL injection is far more severe, it's a remote server-side exploit that can allow arbitrary data theft or destruction by a lone attacker. By comparison, XSS is a remote client-side exploit, so (1) the hacker needs to find a victim to lure, and (2) the victim's risk profile may be more limited depending on what client side JS code can do (usually less damage than remote sever side exploit).

Not to say it's not dangerous, it is. But it's the difference between "send me an email, I'll fix it in a few days or a week", and "WAKE ME UP AT 3AM AND NOBODY GOES TO SLEEP UNTIL THIS IS PATCHED" kind of severity.

/r/webdev Thread Parent
Previous
Next

Recently removed from /r/webdev

UK gov bootcamps I made a custom CMS from scratch for close friends and family :) How to transfer data from old database to new one How hard is it to get a job? Really losing motivation reading horror stories for self-taught people Webflow vs Wordpress | Newbie questions I made a service to get updates for games that you are interested in Neumorphism — Tailwind Components ✨ Hypertext Magic help needed How to become a web dev? Yo - instead of making fun of people's ideas - HELP THEM OUT and give them feedback! Its 2023 why aren't people using async await. Stack Overflow Where can I find a web developer to ask basic html and css questions? anyone know why setTimeout in this example just waits 600 milliseconds and them logs everything at once instead of logging one then in 600 milliseconds it logs the next? my thinking was that since foreach loops over each element in the array I can pause it each loop but that doesn't seem to work

More Random Comments

It’s been 3 years & 6 months we’ve been together.. not engaged, should I leave him? What is that book that no matter how popular and how many times you try to read it, you just can't? Got my Statue today! Why do people get upset about those who do not know something? Black Lives Matter marks one year in Sudbury Freebase vs Nicotine salts AITA for trying to help my daughter lose weight? Megathread (56): Coronavirus COVID-19 in Nederland !~~Contingencies Mega Thread~~! Dog suddenly shaking his head Got vision surgery and have unopened boxes of daily contact lenses. We have a prophecy now? Pizza solves all! Why do you keep coming back to Bloodborne ? Birds aren't real. FoxNews, hold my beer....