A bit of Web site embarrassment for Republican presidential front-runner Rudy Giuliani: The site had to be shut down because of a serious security flaw.
Giuliani’s campaign hurriedly fixed its official Web site late Monday to remove a dangerous design flaw that could have allowed hackers to expose personal information submitted by volunteers.
The vulnerability affecting Giuliani’s site, JoinRudy2008.com, could have exposed confidential information stored in the campaign’s databases. The Web site failed to block commands that can instruct it to improperly display sensitive information, a popular hacking technique known as “structured query language injection.”
The AP, which says it notified the Giuliani campaign about the problem, noted that the security company Giuliani formed after leaving office as New York City mayor offered cybersecurity services.