Amazing Security Flaw on the ASUC Website
As if I haven't given my ASUC website friends a hard enough time already, here is something more to get them all upset with me. The ASUC website has a nifty little Calendar keeping track of events, where people can post what is going on. Any by people, I mean anyone! Go ahead, go add something yourself. It's super easy.

Already, someone has scheduled February 25th as Official ASUC "Get Absolutely Nothing Done Day" (not me, I promise). I assume sooner or later the adults will realize that we're monkeying around with their website and fix things, but for now it'a free for all.

Having a completely unprotected Calendar like this worked fine as long as nobody was actually using/looking at it, but I'm guessing the intention is for people to visit it sometime in the future, so some feature that requires a webmaster to approve things before they go up would probably be a good idea.

(And yes, I realize that I could have just just passed along an e-mail informing the people behind the website of the security flaw in the site, but this is substantially more fun. Also, before people accuse me of tarnishing the idea of a ASUC website that anyone could have been able to post events on, once people actually started visiting it, I'm sure a million people would have figured that out anyway and made all sorts of immature jokes. Finally, to those people who could do something about fixing this, you should totally pretend that you didn't see this post so us kids can have some fun before you shut things down.)

P.S. If you feel the need to update the calendar, be sure to grab a screen shot of your handiwork.Email This Post!