Originally posted by tim123
View Post
FWIW I found one of these errors (script injection vulnerability, to be precise) just before Christmas, on a prominent website owned by a well-known web entrepeneur, with people whose names I recognise as highly experienced programmers on the development team.
The same vulnerability has, at various times, affected Microsoft, Yahoo, Google, American Express, and just about every other well-known company you can think of.
Even the best developers can slip up and let one of these mistakes through.
Leave a comment: