Reply to post: Re: Backend in JS!?

Full stack, C++, and backend developers in demand in this week's job openings

Slipoch

Re: Backend in JS!?

Joomla is a great example of why popularity doesn't matter in this debate, it accounts for about 0.5% of CM website, but is 1-2% of the hacked ones. Showing really poor design and security.

The last couple of JS library issues were both included in standard Wordpress installs and you could attack them using buffer overflow attacks to then execute script command, unsure if the other reply to this response would have stopped that as it would be executing inside the library server-side.

My big point was that a LOT of JS frameworks and CMS's include insecure libraries to do trivial things that are obsolete, such as the padleft library for wordpress which compromised 350+ million websites.

Particularly since padleft can be done natively in js and has been available for some time.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021