|
|
|
|
|
|
by AgentME
3114 days ago
|
|
|
How many fund-stealing XSS attacks has EtherDelta been hit with by now? It should be considered criminal that they still haven't put up a competent Content-Security-Policy header that would entirely block that class of exploits. Their current one is trivially-bypassable security theater that I tried reporting and got blown off. It's probably for the best that they don't have more attention. |
|
|