Y
Hacker News
new
|
ask
|
show
|
jobs
by
mi100hael
3391 days ago
Ever heard of XSS?
1 comments
scandox
3391 days ago
Yes but what I think I had not given enough thought to were DOM-based vulnerabilities, which it seems to me are the ones that would be relevant to 3rd party JS libs. Anyway I will certainly be giving this deeper thought.
link
steveax
3391 days ago
If you're for instance relying on handlebars to escape displayed content from user input properly and your version has a vulnerability...
link