A troubling failure by web application developers to properly secure how their apps connect to mobile backend-as-a-service systems could be leaving sensitive information on millions of Internet users vulnerable to compromise. Germanys LOEWE Center for Advanced Security Research Darmstadt (CASED) recently issued an alert on the issue. The exposed records included email addresses, passwords, health records, and other sensitive data belonging to hapless users of web applications that use these backend web databases. The problem lies in the cavalier manner in which many web developers integrate support for BaaS in their applications.”]
Source: https://www.darkreading.com/application-security/web-app-developers-putting-millions-at-risk