Mass assignment vulnerability
This can be used to submit extra data to a Web form, thus bypassing additional access, etc.
References
- CVE-2008-7310
- Mass assignment in Rails applications
- Hacker commandeers GitHub to prove Rails vulnerability
- GitHub suspends member over 'mass-assignment' hack
- Rails bug report
- Mass Assignment section in the Ruby On Rails Security Guide
- "Mass Assignment Vulnerability" - protection in Cake -- requires login to Google
- Does CakePHP automatically deal with mass assignment vulnerabilities when saving modified data?
- Mass Assignment Vulnerability in ASP.NET MVC
 | This computer-programming-related article is a stub. You can help Wikipedia by expanding it. |