Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Cthulhu_
on April 9, 2014
|
parent
|
context
|
favorite
| on:
Hijacking user sessions with the Heartbleed vulner...
TRWTF is how Jira doesn't apparently check if the session id is coming from the same computer (a simple ip address check for example). Pretty sure most sites are secure against cookie (and thus session) takeovers.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
