by sudhirj 1797 days ago
The vulnerability is the ability to poison the cache of some popular library once I steal the WORKERS_KV token. I could choose the most popular library, say Bootstrap, and change it to something else. People who loaded the script with SRI on browsers that support SRI would notice a problem, but I could still target millions of others.
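
The SRI check mentioned in the comment above, as an added example that is not part of the original comment: a Node.js sketch of how an `integrity` value pins a script's bytes, so a modified cached copy is rejected while a tag without `integrity` is loaded unchecked. The function names and the sample bytes are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Hash algorithms SRI accepts, ordered weakest to strongest.
const STRENGTH = ["sha256", "sha384", "sha512"];

// Build an integrity value such as "sha384-<base64 digest>" for known-good bytes.
function integrityFor(body, alg = "sha384") {
  return `${alg}-${crypto.createHash(alg).update(body).digest("base64")}`;
}

// Split an integrity attribute into {alg, digest} entries; malformed or
// unsupported tokens are dropped.
function parseIntegrity(attr) {
  const entries = [];
  for (const token of attr.trim().split(/\s+/)) {
    const expr = token.split("?")[0]; // options after "?" are ignored
    const dash = expr.indexOf("-");
    if (dash < 0) continue;
    const alg = expr.slice(0, dash);
    if (STRENGTH.includes(alg)) entries.push({ alg, digest: expr.slice(dash + 1) });
  }
  return entries;
}

// True when the body matches any digest of the strongest algorithm listed.
// With no usable metadata the resource loads unchecked, which is the
// situation of every page that embeds the script without an integrity value.
function verifyIntegrity(body, attr) {
  const entries = parseIntegrity(attr);
  if (entries.length === 0) return true;
  const rank = (e) => STRENGTH.indexOf(e.alg);
  const strongest = entries.reduce((a, b) => (rank(b) > rank(a) ? b : a)).alg;
  return entries.filter((e) => e.alg === strongest).some((e) => {
    const actual = crypto.createHash(e.alg).update(body).digest();
    const expected = Buffer.from(e.digest, "base64");
    return expected.length === actual.length && crypto.timingSafeEqual(expected, actual);
  });
}

// Constructed sample bytes: a stand-in for a library build and a modified copy.
const ORIGINAL = Buffer.from("window.lib = { version: '1.0.0' };\n");
const MODIFIED = Buffer.concat([ORIGINAL, Buffer.from("/* changed */\n")]);
const PINNED = integrityFor(ORIGINAL); // value a site would put in integrity="..."

console.log("original, pinned:", verifyIntegrity(ORIGINAL, PINNED));
console.log("modified, pinned:", verifyIntegrity(MODIFIED, PINNED));
console.log("modified, no integrity:", verifyIntegrity(MODIFIED, ""));
```

When several hashes are listed, only the strongest algorithm counts, so a matching weaker hash for changed bytes does not make them pass.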