Hey Everyone, did you hear- WebGoat is full of security holes. Way to go FullDisclosure, you really nailed that one, though you did miss severl dozen vulnerabilities in the software (it is almost like it was designed to be vulnerable…), for example little trivial things like command injection. Did you hear from the vendor to see if they have a timetable to fix the flaws?

~ Joshbw