Y
Hacker News
new
|
ask
|
show
|
jobs
by
scandox
3393 days ago
Yes but what I think I had not given enough thought to were DOM-based vulnerabilities, which it seems to me are the ones that would be relevant to 3rd party JS libs. Anyway I will certainly be giving this deeper thought.
1 comments
steveax
3393 days ago
If you're for instance relying on handlebars to escape displayed content from user input properly and your version has a vulnerability...
link