Hacker News
by yoloClin 2259 days ago
It would have been much easier to say that if weaponised, an XSS vulnerability can access resources across the entire domain as if they were the victim, and should effectively be considered an account hijack of any exploited victims.

It really has nothing to do with homepaths, or even user-supplied data whatsoever.