5 Oct
2009
5 Oct
'09
12:06 p.m.
This is a classic case of one of the problems of the increasingly numerous and powerful Web dev platforms - as you let other people either control your app through an API, or even write code that executes on the server-side, you're increasing the cycles available to an attacker. It's similar to the dns reflector attack.