46
ke7mzp
8y

Just inherited a web application, worst security ever, all it does is call an unsecured application that does an active directory call, verifies the user name exists and then grants the role that the username is assigned. That is it oh and if you can find your way into the admin panel anyone can edit anyone else's role.

Come to find out this application got the dev who designed it a promotion to lead.

Comments
Add Comment