[TYPO3-mvc] Upgrading an application from Extbase 1.3

[François Suter]

Hi Helmut,

Thanks for your feedback.

>> but with nearly no information. What problems could I expect (if any)?
>
> I would recommend reading the extbase security cookbook[1] section about
> "mass assignment".

Not being an Extbase expert, this sound pretty scary. Is it really as 
bad as it sounds (i.e. anyone sending a properly crafted request can 
change any property of any object?).

Cheers

-- 

Francois Suter
Cobweb Development Sarl - http://www.cobweb.ch