Wednesday, March 27, 2013

The font, the flyer, and the exposed filesystem - Adobe goofs

I'm on Adobe's mailing list, and the company recently sent me an email touting an online game called "The Font, The Flyer, and the Freak-Out."

Your boss's future depends on the success of one document. Can you save the day?

The "See How" button included a link to a long URL at click.mail.adobesystems.com. I clicked the button, and ended up at a long URL at www.getacrobat-xi.com.

Because of the chance that said link included identifying information that linked to that particular email, I figured that I'd see if I could play the game without providing that identifying information. So I decided to lop off the ending part of the URL, and go directly to http://www.getacrobat-xi.com/.

This is what I saw.

Yep, going directly to that http://www.getacrobat-xi.com/ link - at least when I tried it - exposed a computer's filesystem. I didn't really try exploring it a lot, other than to click on the "js" directory.
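An added example, not code from the original post or from Adobe: a small Python check a site operator can run against their own web root and asset directories (the "js" directory mentioned above, for instance) to confirm they no longer return an autoindex page. The sample HTML is constructed in the shape Apache's mod_autoindex produces, and the function and constant names are my own.

```python
import re
from html.parser import HTMLParser
from urllib.request import Request, urlopen

# Apache mod_autoindex and nginx autoindex both emit "<title>Index of /path</title>".
_TITLE_RE = re.compile(r"<title>\s*Index of\s+/[^<]*</title>", re.IGNORECASE)
# Apache adds a "Parent Directory" link; nginx links the parent as "../".
_PARENT_RE = re.compile(r"Parent Directory|href=\"\.\./\"", re.IGNORECASE)


class _HrefCollector(HTMLParser):
    """Collects href values of <a> tags so we can see what a listing exposes."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def listed_entries(html):
    """Return the files/subdirectories a listing links to, minus sort and parent links."""
    parser = _HrefCollector()
    parser.feed(html)
    return [h for h in parser.hrefs if not h.startswith(("?", "/", "../"))]


def looks_like_directory_listing(html):
    """True when the body has the autoindex title plus a parent link or at least one entry."""
    if not _TITLE_RE.search(html):
        return False
    return bool(_PARENT_RE.search(html)) or bool(listed_entries(html))


def check_url(url, timeout=10.0):
    """Fetch a URL you administer and report whether it currently serves a listing."""
    req = Request(url, headers={"User-Agent": "autoindex-self-check/1.0"})
    with urlopen(req, timeout=timeout) as resp:
        charset = resp.headers.get_content_charset() or "utf-8"
        body = resp.read(200_000).decode(charset, "replace")
    return looks_like_directory_listing(body)


# Constructed sample in the shape Apache mod_autoindex produces for a web root.
SAMPLE_LISTING = """<html><head><title>Index of /</title></head><body><h1>Index of /</h1>
<table><tr><th><a href="?C=N;O=D">Name</a></th></tr>
<tr><td><a href="js/">js/</a></td></tr><tr><td><a href="index.html">index.html</a></td></tr>
</table></body></html>"""
# Constructed ordinary page for contrast: links to a script, but no index title.
SAMPLE_NORMAL = '<html><head><title>Get Acrobat</title></head><body><a href="js/app.js">app</a></body></html>'
```

On Apache the listing is turned off with `Options -Indexes` for the directory (or by placing an index file there); on nginx the equivalent is `autoindex off`, which is the default.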

It's bad enough that a product's URL exposes the plumbing behind the web pages.

It's even worse when said product has already had to deal with security issues.

While the security of a website does not directly affect the security of a compiled program, it doesn't exactly give you the warm fuzzy.