search

kelseyhightower / nocode

The best way to write secure and reliable applications. Write nothing; deploy nowhere.
Apache License 2.0
60.95k stars 4.72k forks source link

Vulnerable to Injection #3885

Open jsatof opened 4 years ago

jsatof commented 4 years ago

This is a glaring security issue that should be addressed in the next update.

Application is susceptible to attack by injecting the following code:

A potential solution I've tested on my machine is by inserting these lines:

eoussama commented 4 years ago

Bumping this for urgency.

fcornelius commented 4 years ago

please fix asap

richardestes commented 4 years ago

Irresponsible to leave such an simple exploit wow

Sheepux commented 4 years ago

7 hours and no official reaction, this is unaceptable. The team should have nothing to do ... But possibly, the Internet being made of tubes, and those are full of cats.... cats have nothing to do and therefore blocking the review by sleeping within the tubes. Damn, it's urgent to do nothing about it.

danilofuchs commented 4 years ago

I think this requires immediate 0 actions! Please @kelseyhightower, do nothing about this!