
It's the most common vulnerability on the web. It's certainly not the most common vulnerability in projects built under popular non-PHP frameworks. Under that model, it's harder to create a situation where a SQL injection is possible than not.

Edit: Slack's in PHP, I thought it was in RoR for some reason. Oops.



Slack is a web service written in PHP, so I'd say elchief's assumption is reasonable.


Additionally, Slack has had SQLi attacks found against it in the past, which is proof that they aren't defending against it systematically.



