[jboss-user] [JBoss Seam] - Re: Beginning conversations in @Factory methods
CptnKirk
do-not-reply at jboss.com
Wed Jul 12 16:05:21 EDT 2006
If this ID is being added as a request param please make sure that it's a non-important ID (ie, not a DB key). If it is, you run the risk of a malicious user accessing or possibly updating data they shouldn't via manipulation of this request param.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3957512#3957512
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3957512
More information about the jboss-user
mailing list