Comment Re:This issue is way overblown. FUD (Score 3, Informative) 225
Nope, it affects https as well. Furthermore, it does not require remote web management since the attack can be carried out via CSRF.
I've never been canoeing before, but I imagine there must be just a few simple heuristics you have to remember... Yes, don't fall out, and don't hit rocks.