sduff | 6 years ago

Agree that that is an awesome article.

Suggest you include the posting date on that page, as reading it, I wasn't sure how recent the info was. I was then shocked to find that these vulnerabilities were identified late last year. Some of these are security 101!

danShumway | 6 years ago

I didn't realize I wasn't attaching dates to posts, I will add those under the page headers.

This is off-topic at this point, but I still stand by the ending to that post -- Gamasutra did reach out to me and did work with me for a little while to fix some of the issues, but eventually communication fell off.

I didn't re-check to validate that the issues were fixed because I felt like I had done everything that could be expected of me at that point and because, honestly, the whole thing was really stressful. Even when companies are being nice (and UBM was really nice about the whole thing), public disclosure is still scary. You just hear horror stories.

I still recommend that people be cautious using Gamasutra. I only wrote up specific vulnerabilities that I found accidentally, I didn't pen-test the site. My point with this article was that the site needs to be pen-tested. As far as I know, that's never happened.