This is a classic case of one of the problems of the increasingly numerous and powerful Web dev platforms - as you let other people either control your app through an API, or even write code that executes on the server-side, you're increasing the cycles available to an attacker. It's similar to the dns reflector attack.
signature.asc
Description: This is a digitally signed message part.
