Reply to post: A tad harsh

Chaos at TalkTalk: Data was 'secure', not all encrypted, we took site down, were DDoSed

Chris Miller

A tad harsh

SQL injection may be old hat, but it is an example of weak validation of input data (see also XSS). If your site contains many thousands of web pages, the chances that there will be examples of such errors are rather high - in my experience it's unusual for a web application vulnerability assessment not to turn up multiple occurrences, whether they have the potential to be a major or a minor breach is largely down to luck.

[Inevitable Bobby Tables reference]

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019