Red Hat has fixed multiple web application security issues that allowed hackers to extract website database using Blind SQL injection. Red Hat also confirmed a cross site scripting and Local File Inclusion Vulnerabilities on their website. Mohamed Ramadan Security Researcher and Trainer Attack-Secure, told ‘The Hacker News’ that last year he reported 3 flaws to the company and they finally confirmed and patch those in January 2013. Mohamed recently acknowledged by Facebook and Etsy for reporting serious vulnerabilities in their mobile apps. He was also listed on the company’s website under WhiteHat hackers.
Source: https://thehackernews.com/2013/01/red-hat-patches-multiple-web.html