Y
Hacker News
new
|
ask
|
show
|
jobs
by
mynameismon
1665 days ago
It's not the ability to display alerts that is concerning, but rather, the ability to run untrusted Javascript. This was a proof of concept that showed that it has a serious XSS vulnerability
1 comments
seedie
1665 days ago
For detailed information on what XSS is, how it can be exploited and prevented have a look at the OWASP XSS description
https://owasp.org/www-community/attacks/xss
link
https://owasp.org/www-community/attacks/xss