Y
Hacker News
new
|
ask
|
show
|
jobs
by
sakshyamshah
3137 days ago
Only if your front end is SPA and backend just serves through data via api. even in that case, xss in front-end can compromise admin's web sessions to pivot into backend services.