Tag Archives: mass assignment

Rails exploit compromises GitHub, many sites vulnerable

I know patching massive and longstanding security holes doesn’t contribute to “developer fun”, but neither does living in a world where GitHub (and by extension every project that uses it) is vulnerable to direct exploitation: http://arstechnica.com/business/news/2012/03/hacker-commandeers-github-to-prove-vuln-in-ruby.ars

One Russian coder (Egor …