I emailed info@pgsql.com, cc'ed scrappy@hub.org about a suspected SQL
injection problem somewhere on the site more than 3 weeks ago. No response
till now, behaviour still seems the same.
Any idea how I should go about this?
e.g. correct contacts to use, or it's not a actually problem - the user
authorization/db is configured securely so even though different SQL
statements can be specified and executed, they won't be able to alter data
(I haven't tried to alter data).
Regards,
Link.