Hacker News new | past | comments | ask | show | jobs | submit login

That is the CWE that they identify, but the code seems to store the apparently unhashed password in the database on top of that?



Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: