from_future_import has a post stating that Fortify’s recent Ajax alarmĀ is more FUD than fact. Money quote in this one: And MOST importantly the exploit is only applicable to JSON that also happens to be valid JavaScript code. Was it FUD or fact? A bit of both. The benefit of the paper is the fact that […]
Categories