While Donald Trump pleads with Russia to hack Hillary Clinton’s email accounts, the GOP candidate narrowly avoided his own cybersecurity fiasco. As engineer Shu Uesugi pointed out, Trump’s donation page was susceptible to an injection attack (until yesterday; Uesugi’s post brought about a quick fix).
This is known as a pull request. If somebody makes changes to a project, they can submit a request to that project’s owner, asking the owner to “pull” their changes into the main branch. So if someone wanted to mess with Trump’s site, all they’d need to do is submit a pull request to the Github repository, and have it be accepted. In fact, after the exploit was publicized, someone submitted an “URGENT FIX” which would have changed the background of the page to an image of Trump and Putin making out. In the grand scheme of possible hacks, that’s not so bad.