Comment Re:This issue is way overblown. FUD (Score 3, Informative) 225
Nope, it affects https as well. Furthermore, it does not require remote web management since the attack can be carried out via CSRF.
Dynamically binding, you realize the magic. Statically binding, you see only the hierarchy.