Y
Hacker News
new
|
ask
|
show
|
jobs
by
TACIXAT
3755 days ago
Just put a script in the username field, sorry if that wasn't clear.
<script>alert(0)</script>
All the live updating that module does, I figured there might be some code injection.