Hacker News new | ask | show | jobs
by dankboys 1523 days ago
Not in any way a web dev, but couldn't an XSS on Lenovo's site make it possible to leak these?
1 comments
ElectricalUnion 1522 days ago
> an XSS on Lenovo's site make it possible to leak these?

Not if they're HttpOnly cookies. Then it requires actually compromise/mitm of the application server code to recover the cookies.

link