Many sites also use memcache to cache page fragments that will be sent verbatim to clients with the rest of the webpage.
As Marco demonstrated in his slides one can easily inject into caches and if one can change the values of keys related to page fragments then it is a major security risk.
As Marco demonstrated in his slides one can easily inject into caches and if one can change the values of keys related to page fragments then it is a major security risk.