Java deserialisation vulnerability
I have to ask, but when whoever invented deserialisation, did he give no thought as to the security implications of being able to alter or swap out the object/file in transit. What the frag are they teaching them in computer security.